"Fourth, national vulnerability databases like China’s and Russia’s, among others, will largely dry up (Russia more than China)."
"Fourth [sic], hundreds, if not thousands, of National / Regional CERTs around the world, no longer have that source of free vulnerability intelligence."
"Fifth [sic], every company in the world that relied on CVE/NVD for vulnerability intelligence is going to experience swift and sharp pains to their vulnerability management program."
All major powers have at least one each, some few for different parts of bureaucracy. Most of them are probably minimum budget operations just rsync-ing US CVD but they exist.
They already did it. Great!
Maybe we can ask them how to contribute to their software, as it seems to be proprietary at the moment?
edit: lol, their manifest.json is still the React boilerplate: https://euvd.enisa.europa.eu/manifest.json
Their database seems to also only contain fairly recent CVEs (up until 2019? some CVEs are missing...) and not before that