From FedTech Magazine. NIST are making a database of vulnerabilities in source code (such as buffer overflows on the stack in C). There are many contributors to the database. The idea seems to be to make it easier to find “unsafe” coding practices that have the potential to create vulnerabilities. It’s a tool to aide in establishing assurance and security of computer code, something like that.