As the Cyber Resilience Act’s reporting obligations begin to apply and ENISA rolls out the Single Reporting Platform, this session offers a timely deep dive into vulnerability handling and reporting in Europe. It will explore how ENISA is scaling its EU Vulnerability Services, including the European Vulnerability Database (EUVD), support to Member States’ coordinated vulnerability disclosure processes, and a growing operational role in the global vulnerability management ecosystem. Designed for both general and specialist audiences — from policymakers to technical practitioners and industry leaders — the session will show how vulnerability information can be transformed into actionable guidance, prioritised mitigation, and more effective risk reduction across critical systems and supply chains. The talk will also examine lessons learned from real-world implementation, the importance of global interoperability and cooperation, and how AI is reshaping vulnerability discovery, potential exploitation, and faster remediation.
