GCVE Announces the Launch of db.gcve.eu: A New Open Public Vulnerability Advisory Database
Luxembourg, 2026/01/07 - The GCVE initiative is proud to announce the public launch of db.gcve.eu, a new open and freely accessible vulnerability advisory database. The platform aggregates and correlates vulnerability information from more than 25 public sources, including GCVE GNA (Numbering Authority) sources and other established vulnerability databases.
The goal of db.gcve.eu is to provide the community with a single, unified, and openly accessible reference point for vulnerability intelligence, enabling defenders, researchers, CSIRTs, vendors, and open-source projects to more easily track, correlate, and analyze security advisories across ecosystems.
A Unified View of Vulnerabilities
db.gcve.eu continuously collects and correlates data from a wide range of public vulnerability sources, offering:
- Aggregation of vulnerability advisories from 25+ sources
- Native integration of GCVE GNA
- Correlation across multiple databases and identifiers
- Normalized, structured, and searchable vulnerability records
By bringing together data from decentralized publishers and existing vulnerability databases, db.gcve.eu helps reduce fragmentation and improves visibility across the global vulnerability landscape.
Built on Open Source and Open Standards
The platform is powered by vulnerability-lookup, an open-source project that implements all Best Current Practices (BCPs) defined by the GCVE initiative. This ensures that data collection, synchronization, and publication follow open, transparent, and reproducible processes.
vulnerability-lookup is designed to support decentralized vulnerability publishing while enabling efficient aggregation and correlation, a core principle of the GCVE model.
Open Access, Open Data, Open API
In line with the GCVE commitment to openness and transparency, db.gcve.eu is provided with:
- Public web interface: https://db.gcve.eu/
- Public API: https://db.gcve.eu/api/
- Open data dumps: available for bulk access and offline analysis
All data is made available enabling reuse in tools, research, and operational workflows.
Supporting a Decentralized Vulnerability Ecosystem
db.gcve.eu is a concrete step towards the GCVE vision of a decentralized, federated, and resilient vulnerability disclosure ecosystem. By enabling GNAs and other publishers to contribute data independently, while still benefiting from global correlation, GCVE aims to reduce single points of failure and foster innovation in vulnerability management.
About GCVE
The GCVE initiative is an open, community-driven effort to design and operate a decentralized vulnerability identification and publication framework. GCVE introduces the concept of GCVE Numbering Authorities (GNAs), which are empowered to allocate and publish vulnerability identifiers independently, while remaining interoperable through shared protocols and best practices.
More information about GCVE and its specifications is available at:
https://gcve.eu/
Funding and Hosting
The project is co-funded by CIRCL and the European Union (ECCC) under the FETTA project, supporting the development of open, resilient, and strengthen EU Cyber Threat Intelligence.
The db.gcve.eu platform is hosted and operated by CIRCL in its own datacenter located in the Grand-Duchy of Luxembourg (Europe). This ensures full control over the infrastructure, data, and operations. By combining open-source software, open data, and European-controlled infrastructure, GCVE and CIRCL contribute to strengthening digital sovereignty, strategic autonomy, and trust in vulnerability information sharing.
While the infrastructure relies on a global hardware supply chain and therefore includes non-EU manufactured equipment, the platform is fully operated, administered, and governed from within Europe by CIRCL.
Contact
For questions, feedback, or collaboration inquiries, please contact: info@gcve.eu or gna@gcve.eu if you want to become a GNA.