U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NVD CVSS v4.0 Official Support

The NVD now supports CVSS v4.0!
The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard; released November 1, 2023. CVSS v4.0 provides increased granularity for Base metrics, a new Supplemental metric group, a different methodology for determining severity and more. For more information regarding CVSS v4.0 please visit https://www.first.org/cvss/v4.0/specification-document.

CVSS v4.0 information will be displayed throughout the NVD website:

Vulnerability Detail Pages
The Metrics section of the Vulnerability detail pages will now contain CVSS v4.0 data when available. CVSS v4.0 data will be displayed in a similar fashion to CVSS v3.x and CVSS v2.0 and will be displayed if available through NVD enrichment or CVE Program related CNA and/or ADP contributions.

CVSS v4.0 Calculator
A CVSS v4.0 Calculator (based on the one provided by the FIRST CVSS SIG) has been included on the website. While visually distinct from previous calculators, the same functionality exists when including CVE IDs or CVSS vector string parameters in the URL to the page (See Calculator Product Integration).

Vulnerability Search Form
The advanced section of the vulnerability search page has been updated to allow searching by CVSS v4.0 criteria.

Vulnerability Search Results
The search results will now include CVSS v4.0 badges when appropriate.

For questions and concerns you may contact nvd@nist.gov.

Created June 27, 2024 , Updated June 27, 2024