Just because an organization maintains something like the “National Vulnerability Database”, it does not exclude them from becoming a victim to lurking hackers.
Well, chock this one up to being just a tad on the hilarious side, but one would think that if you were the National Vulnerability Database (NVD) you would be a more conscientious about making sure you wouldn't be vulnerable to exploits.
In the case of the National Institute of Standards and Technology, the maintainers of the database didn't seem to get that memo as it has been unavailable since last week due an attack via some type of vulnerability exploit.
On Friday March 6, the NIST noticed that there was some rather unusual activity around its firewall and began investigating when the servers were taken offline. At some point, malware was discovered on two of the NIST servers, which were then traced back to a software vulnerability.
Luckily, there is no evidence that people visiting NIST web pages were infected, but at this point there is no indication of when the servers will be brought back online.