NIST to Cease Rating Lower-Priority Vulnerabilities

The National Institute of Standards and Technology (NIST) announced it will no longer assign severity scores to lower-priority vulnerabilities. This decision comes in response to an overwhelming increase in the number of submissions, which has made it challenging for the agency to assess and manage all reported flaws effectively. By focusing on higher-priority issues, NIST aims to streamline its processes and better allocate resources. This change may impact how organizations prioritize their cybersecurity measures, as they will need to independently assess these lower-priority vulnerabilities. Source: cybersecurity publication.