Europe launches GCVE to track software vulnerabilities, enhance digital sovereignty

Europe has launched its own public database for tracking software security vulnerabilities, named GCVE (Global Cybersecurity Vulnerability Enumeration), aiming to bolster its digital defenses and reduce reliance on U.S.-based systems. The initiative seeks to provide a decentralized European alternative for identifying and managing cyber threats, HackRead reports.

The GCVE database, located at db.gcve.eu, addresses concerns over the potential discontinuation of the U.S.-based CVE program. Unlike traditional centralized systems, GCVE employs a decentralized approach where authorized groups, known as GCVE Numbering Authorities (GNA), can assign ID numbers to new security flaws without central approval. This system consolidates and normalizes data from over 25 sources, making it easier for IT experts to search and analyze threats. An open API facilitates integration with existing security tools, enabling faster threat tracking and response for security professionals and developers.

By creating a decentralized and compatible alternative to the U.S. CVE program, Europe aims to mitigate the risk of a single point of failure and address potential funding uncertainties.

This move is expected to improve the speed and robustness of vulnerability documentation, allowing businesses and governments to respond more effectively to emerging cyber threats and enhancing overall global safety.