Closed lloydbates closed 2 months ago
You may be confusing the NVD with the CVE Program. They are different. The NVD adds data, in their own database, after they download from the CVE List:
There are no metrics for CVE-2024-26603 in v4 or v5 CVE List repos:
There are metrics added in the NVD data:
You can ask your questions about NVD metrics at their site:
You are correct, it was my mistake. This issue can be closed.
There are are some CVE records in the new V5 that are missing any metrics.
Example: cves/2024/26xxx/CVE-2024-26603.json
In the corresponding CVE V4 record, this one exists:
JSON shortend for readability. Source: https://nvd.nist.gov/vuln/data-feeds#JSON_FEED see archive for CVE-2024
This is just one example.