Nist Nvd

Attribution Notice

Leveraging VulnCheck NVD++ and the data in it, in your own production, solution, or service, is easy to do at no additional cost, but requires prominent public attribution to VulnCheck.

The terms and conditions of using VulnCheck NVD++, its data in whole or in part, either publicly or in cybersecurity product or service, requires prominent attribution to VulnCheck. However, other than this requirement, no additional costs are required.

Prominent attribution provides users with an understanding that when VulnCheck data is being used or provided to a user of the service, that the data is labeled as VulnCheck NVD++ or VulnCheck CPE.

If you have questions about VulnCheck NVD++ data in whole or in part, in one or more cybersecurity products at your company, please reach out to VulnCheck at to receive additional details on the attribution requirements. Including VulnCheck NVD++ in your open source or commercial product is meant to be free and not incur additional costs, we simply ask for prominent attribution.

Thank you.