Integrations for Central Vulnerability Database

  • Release version: Australia
  • Updated March 28, 2026
  • 3 minutes to read
  • The Central Vulnerability Database supports integration with trusted global vulnerability data sources, including the National Vulnerability Database, European Union Vulnerability Database (EUVD), and Japanese Vulnerability Notes (JVN), to enrich and normalize vulnerability records.

    By consolidating multiple authoritative and commercial intelligence sources, the Central Vulnerability Database enables more accurate impact assessment, improved risk scoring, and more effective remediation planning from the outset.

    The Integrations for Central Vulnerability Database collects data from EUVD and JVN and makes it available to the ServiceNow AI Platform®. It integrates with Vulnerability Response to map CVE vulnerabilities, enriching the data in your instance.

    Run this integration as part of the initial setup of Vulnerability Response, before importing data from third-party scanner products, to verify that vulnerabilities are normalized, enriched with external intelligence, and appropriately prioritized at the time of ingestion.

    Important:
    Each integration record has a configured run-as user. The default value is VIF.System. Don't change this value. In addition, check your entitlements to determine whether you have access to this plugin on production instances.

    After installation, the EUVD and JVN integrations aren't enabled by default. Each integration must be manually activated before it can begin collecting data. The EUVD integration runs on demand, while the JVN integration runs daily after it is marked as active . These scheduled and on-demand runs help keep the instance synchronized with external vulnerability data sources and support the vulnerability remediation life cycle.

    Imported vulnerability data

    In your ServiceNow AI Platform® instance, each vulnerability imported through the EUVD integration is represented as a vulnerability entry sourced from European Union Vulnerability Data and Japan Vulnerability Notes. The integration uses a custom Import Set and Processor Script framework to ingest, parse, and transform raw EUVD and JVN API responses into normalized vulnerability records within ServiceNow.

    Vulnerability entries created or updated in the instance reference EUVD and JVN vulnerability records, where each imported vulnerability is represented by a vulnerability entry in the source libraries of the NVD [sn_vul_nvd_entry] table. The EUVD and JVN integrations don't ingest Common Platform Enumeration (CPE) or Common Weakness Enumeration (CWE) data. As a result, vulnerability records and any associated vulnerable items derived from EUVD and JVN data are limited to CVE-based information and don't support CPE-based software matching or CWE-based weakness classification.

    The EUVD integration imports vulnerability entries and reference information into the sn_vul_nvd_entry, sn_vul_m2m_entry_cve, and sn_vul_reference tables.

    The JVN integration retrieves vulnerability data in XML format, converts it to JSON within the integration layer, and processes the transformed data using a processor script. Vulnerability entries and related data are populated into the sn_vul_nvd_entry, sn_vul_software, sn_vul_m2m_entry_software, sn_vul_m2m_entry_cve, and sn_vul_reference tables. This enables the creation of structured vulnerability records along with relationships to affected software and external references.

    Vulnerability Identifiers (VIs) created or updated in your instance reference EUVD and JVN vulnerability entries. CVSS details are mapped based on the version provided (v2, v3, or v4), ensuring accurate scoring and vector representation for each vulnerability record.

    Initial import of vulnerability data

    To initialize vulnerability data using the EUVD or JVN integrations, perform an initial import and verify successful data ingestion.

    1. Perform an initial import of vulnerability data with the EUVD or JVN integration. You can perform vulnerability updates On Demand for EUVD and Daily for JVN from the integration record by default, and you can configure these as needed.
    2. Verify that the Integrations for Central Vulnerability Database application is installed, and that an initial vulnerability data import from either the ENISA EUVD Integration or the JVN Integration is successful.

    Locating the Integrations for Central Vulnerability Database

    To view the Integrations for Central Vulnerability Database, type sn_vul_int_fw_integration.LIST in the Navigation Search bar and press Enter .

    Note:
    Neither the EUVD nor the JVN integration is active by default. You must mark each integration as active before it can be run.

    The following integrations are included in the base system:

    Integration Description
    EUVD Integration Retrieves vulnerability data from European Union Vulnerability Data (EUVD). This integration is inactive by default and does not support delta processing, so run it once per week.
    JVN Integration Retrieves vulnerability data from Japanese Vulnerability Notes (JVN). This integration is set to run daily and is inactive by default.