Explore the critical issue of free software vulnerability databases in this 53-minute Linux Foundation conference talk. Delve into the reasons behind the absence of such databases, understand the National Vulnerability Database (NVD), and discover potential solutions. Learn about Package URL, data aggregation techniques, and the proposed data model for vulnerability tracking. Examine the creation process, challenges faced, and future plans for implementing a free software vulnerability database. Gain insights into sustainability concerns and the innovative approach of identifying vulnerabilities using byte signatures. Join Philippe Ombredanne from AboutCode.org and nexB Inc., along with Michael Herzog from nexB Inc., as they address this crucial topic in open-source security.