Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

EVENTS

NIST Workshop on Hardware CPE and CVSS Updates

workshop

June 22, 2026
10:00am - 5:00pm EDT

NIST National Cybersecurity Center of Excellence (NCCoE)
9700 Great Seneca Highway, Rockville, MD 20850

In-Person Registration Fee: $96 (includes all-day beverage service, AM Snack, Lunch and PM Snack)
In-person registration will close on June 15, 2026 at 6:00pm

Virtual Registration Fee: $46
Virtual registration will close on June 22, 2026 at 9:00am

technical contact

Dragos Prisaca, dragos.prisaca [at] nist.gov (dragos[dot]prisaca[at]nist[dot]gov)

Registration Contact

Sabina Mohan

[email protected]

(240) 309-1727

NIST is hosting a one-day workshop on hardware representation in the Common Platform Enumeration (CPE) and on how the Common Vulnerability Scoring System (CVSS) applies to hardware. The workshop will discuss NIST's plans and potential updates in these areas and gather community feedback from hardware vendors, vulnerability analysts, security-tool developers, National Vulnerability Database (NVD) users, and standards participants across government and industry.

Topics will include the current state of hardware coverage in NVD and CPE, plans and potential changes to CPE for hardware representation, CVSS considerations specific to hardware, and how the community can engage with this work going forward. The workshop is part of NIST's CHIPS Metrology and Computer Security Division (CSD) effort to improve how hardware products are identified and how their vulnerabilities are scored.

The event will be held at the NIST National Cybersecurity Center of Excellence (NCCoE) in Rockville, Maryland, with a virtual attendance option.

For more information about the National Vulnerability Database, visit the National Vulnerability Database. For more information about NVD CPE, please visit the NVD CPE page. For CPE development and access to the public comments forum, contact cpe-dev [at] list.nist.gov (cpe-dev[at]list[dot]nist[dot]gov).

If you have questions regarding the workshop, please contact cpe-workshop [at] nist.gov (cpe-workshop[at]nist[dot]gov).

Agenda

Agenda coming soon

Security Instructions

Visitor Access Requirement:

For Non-US Citizens: Please have your valid passport for photo identification.*
For US Permanent Residents: Please have your green card for photo identification.*
For US Citizens: Please have your state-issued driver's license. Regarding Real-ID requirements, all states are in compliance.
NIST also accepts other forms of federally issued identification in lieu of a state-issued driver's license, such as a valid passport, passport card, DOD's Common Access Card (CAC), Veterans ID, Federal Agency HSPD-12 IDs, and Military Dependents ID.

*Use of apps, physical photocopies, and/or digital screenshots of your ID, Passport or Green card will not be accepted.

Electronics, Semiconductors, Information technology, Conformance testing, Cybersecurity and privacy, Cybersecurity measurement, Risk management, Securing emerging technologies, Standards, Conformity assessment, Documentary standards, Frameworks and Reference data