This document discusses using topic models to analyze trends in vulnerability data from Common Vulnerabilities and Exposures (CVE). Latent Dirichlet allocation is used to identify topics in CVE summaries from 2000-2009. Key trends identified include a decline in buffer overflows and format strings but an increase in SQL injection, cross-site scripting, and application servers. The topics identified generally align well with the Common Weakness Enumeration classifications.