Source: ENISA Vulnerability Database

[nscuro]

Current Behavior

https://euvd.enisa.europa.eu/

As per their FAQ:

The EUVD collects and references vulnerability information collected from existing databases (such as MITRE’s CVE DB, GitHub's Advisory Database, JVN iPedia, GSD-Database), adds additional information via references to advisories and alerts issued by national CSIRTs, mitigation and patching guidelines published by vendors, and enriches it with exploited vulnerability markings (such as CISA KEV) and FIRST’s Exploit Prediction scores (EPSS).

Looking at existing data in the DB it is still unclear to me what value it would have to pull it into our database, since it also merely aggregates others. If nothing else, at least the EUVD identifiers and alias relationships would be good to have.

Proposed Behavior

There is no public API documentation yet, but the search website uses the following endpoint:

https://euvdservices.enisa.europa.eu/api/vulnerabilities?assigner=&product=&vendor=&text=&fromDate=&toDate=&fromScore=0&toScore=10&fromEpss=0&toEpss=100&exploited=false&page=0&size=10