NVD Modern 10k CVE Cybersecurity Benchmark Suite by Corey JacobsNVD Modern 10k CVE Cybersecurity Benchmark Suite | Contra

NVD Modern 10K CVE Source-Priority Dataset

Full Self-Audit Edition for deterministic LLM drift and source-priority evaluation

A deterministic 10,000-record CVE-derived dataset for testing model drift, prompt stability, and baseline behavior on cybersecurity-style source-priority classification.
This is not an official NVD severity benchmark, not a vulnerability exploitability claim, and not a replacement for human security review. It is a fixed, reproducible evaluation task:
Given NVD-derived CVE fields, predict the deterministic source-priority label produced by the included rubric.
Use the same inputs across model versions, prompts, agents, or workflows to compare accuracy, macro-F1, per-class behavior, regressions, and drift over time.

What this is useful for

Use this dataset to test:
whether a model’s CVE classification behavior changes between versions
whether a prompt or agent workflow stays stable across repeated runs
whether a local model can follow a fixed rubric on structured CVE-derived inputs
whether training, prompt, retrieval, or workflow changes improve or degrade classification behavior
whether a model collapses into shortcut behavior instead of following the included rubric
how errors distribute across critical, high, medium, and low source-priority labels

What is included

The Full Self-Audit Edition includes:
10,000 canonical labeled CVE-derived records
8,000 training-split records
optional message-format JSONL export for workflow compatibility
1,000 blinded evaluation inputs
1,000 evaluation answer rows
750 blinded challenge inputs
750 challenge answer rows
250 preview records
deterministic scoring script
prediction contract
rubric documentation
dataset card
schema file
validation report
file manifest with SHA-256 hashes
attribution and buyer license files

Why deterministic?

Many AI evaluations blur together model knowledge, prompt luck, hidden grading assumptions, and changing external context.
This pack is intentionally narrower. The task is fixed. The labels are deterministic. The rubric is included. The answer rows are included. The scorer is included.
That makes it useful for repeat testing:
Run Model A today. Run Model A again after a prompt change. Run Model B next week. Run a local model after quantization. Run the same workflow after adding retrieval.
Then compare the outputs against the same answer contract.

What this is not

This is not:
an official NVD product
an official NVD severity rating system
a hidden leaderboard benchmark
a live exploitability benchmark
a bug bounty target list
a claim that any CVE is exploitable in a specific environment
legal, compliance, or security advice
a substitute for professional vulnerability analysis
The source-priority labels are deterministic dataset labels produced by the included rubric and packaging process.
Because the answer rows are included, this is best used as a self-audit fixture, regression test, and drift-checking dataset, not as a contamination-resistant public leaderboard.

Intended buyers

This is for:
AI builders testing model drift
security researchers evaluating triage workflows
prompt engineers testing classification stability
local-model users comparing small models on cybersecurity-style tasks
teams building internal eval harnesses
educators or analysts who want a reproducible CVE-derived classification dataset

License summary

Purchase includes use of the dataset for internal research, evaluation, benchmarking, model comparison, prompt testing, workflow testing, training experiments, and commercial internal analysis.
You may use results, metrics, charts, and derived analysis from your own runs.
You may not resell, redistribute, sublicense, mirror, or republish the raw dataset package or answer-key files as a competing dataset product unless separately permitted in writing.

Attribution

This product uses data derived from the National Vulnerability Database API. It is not endorsed, certified, or sponsored by NVD, NIST, or any government agency.
NVD-derived fields have been selected, normalized, split, labeled, packaged, and documented by Terminus Protocol. The deterministic labels, splits, scorer, reports, and packaging are Terminus Protocol transformations, not official NVD labels or official NVD severity ratings.

Recommended workflow

Start with the free 250 / 10,000 drift slice to inspect schema, labels, scorer, and task shape.
Use the full 10K package for repeated model, prompt, or agent testing.
Save predictions from each run.
Score predictions with the included script.
Compare accuracy, macro-F1, per-class results, and regression patterns over time.

_______________________________________________

$19.99
Get it for$19.99
Tags
ai
benchmark
cybersecurity
evals
Product created by
Corey Jacobs St Paul, USA
4
Followers
Corey's other products
NVD Modern CVE Source-Priority — Free 250 / 10,000 Drift Slice
$0.00
Get it for$19.99
Tags
ai
benchmark
cybersecurity
evals

NVD Modern 10K CVE Source-Priority Dataset

Full Self-Audit Edition for deterministic LLM drift and source-priority evaluation

A deterministic 10,000-record CVE-derived dataset for testing model drift, prompt stability, and baseline behavior on cybersecurity-style source-priority classification.
This is not an official NVD severity benchmark, not a vulnerability exploitability claim, and not a replacement for human security review. It is a fixed, reproducible evaluation task:
Given NVD-derived CVE fields, predict the deterministic source-priority label produced by the included rubric.
Use the same inputs across model versions, prompts, agents, or workflows to compare accuracy, macro-F1, per-class behavior, regressions, and drift over time.

What this is useful for

Use this dataset to test:
whether a model’s CVE classification behavior changes between versions
whether a prompt or agent workflow stays stable across repeated runs
whether a local model can follow a fixed rubric on structured CVE-derived inputs
whether training, prompt, retrieval, or workflow changes improve or degrade classification behavior
whether a model collapses into shortcut behavior instead of following the included rubric
how errors distribute across critical, high, medium, and low source-priority labels

What is included

The Full Self-Audit Edition includes:
10,000 canonical labeled CVE-derived records
8,000 training-split records
optional message-format JSONL export for workflow compatibility
1,000 blinded evaluation inputs
1,000 evaluation answer rows
750 blinded challenge inputs
750 challenge answer rows
250 preview records
deterministic scoring script
prediction contract
rubric documentation
dataset card
schema file
validation report
file manifest with SHA-256 hashes
attribution and buyer license files

Why deterministic?

Many AI evaluations blur together model knowledge, prompt luck, hidden grading assumptions, and changing external context.
This pack is intentionally narrower. The task is fixed. The labels are deterministic. The rubric is included. The answer rows are included. The scorer is included.
That makes it useful for repeat testing:
Run Model A today. Run Model A again after a prompt change. Run Model B next week. Run a local model after quantization. Run the same workflow after adding retrieval.
Then compare the outputs against the same answer contract.

What this is not

This is not:
an official NVD product
an official NVD severity rating system
a hidden leaderboard benchmark
a live exploitability benchmark
a bug bounty target list
a claim that any CVE is exploitable in a specific environment
legal, compliance, or security advice
a substitute for professional vulnerability analysis
The source-priority labels are deterministic dataset labels produced by the included rubric and packaging process.
Because the answer rows are included, this is best used as a self-audit fixture, regression test, and drift-checking dataset, not as a contamination-resistant public leaderboard.

Intended buyers

This is for:
AI builders testing model drift
security researchers evaluating triage workflows
prompt engineers testing classification stability
local-model users comparing small models on cybersecurity-style tasks
teams building internal eval harnesses
educators or analysts who want a reproducible CVE-derived classification dataset

License summary

Purchase includes use of the dataset for internal research, evaluation, benchmarking, model comparison, prompt testing, workflow testing, training experiments, and commercial internal analysis.
You may use results, metrics, charts, and derived analysis from your own runs.
You may not resell, redistribute, sublicense, mirror, or republish the raw dataset package or answer-key files as a competing dataset product unless separately permitted in writing.

Attribution

This product uses data derived from the National Vulnerability Database API. It is not endorsed, certified, or sponsored by NVD, NIST, or any government agency.
NVD-derived fields have been selected, normalized, split, labeled, packaged, and documented by Terminus Protocol. The deterministic labels, splits, scorer, reports, and packaging are Terminus Protocol transformations, not official NVD labels or official NVD severity ratings.

Recommended workflow

Start with the free 250 / 10,000 drift slice to inspect schema, labels, scorer, and task shape.
Use the full 10K package for repeated model, prompt, or agent testing.
Save predictions from each run.
Score predictions with the included script.
Compare accuracy, macro-F1, per-class results, and regression patterns over time.

_______________________________________________

$19.99
Corey's other products
NVD Modern CVE Source-Priority — Free 250 / 10,000 Drift Slice
$0.00
$19.99
Buy