Glossary
CVE (Common Vulnerabilities and Exposures)
What Is a CVE (Common Vulnerabilities and Exposures)?
A CVE (Common Vulnerabilities and Exposures) is a unique identifier assigned to a publicly disclosed cybersecurity vulnerability, maintained as a standard reference so that tools, vendors, and security teams can communicate about the same issue using a shared name.
The CVE system, maintained by MITRE, is the foundation for vulnerability management programs worldwide. Every CVE has a record that describes the affected software, the nature of the flaw, and (typically) a severity score. But a CVE alone does not indicate exploitability — that requires additional context like CVSS, KEV status, EPSS, VEX, and execution-aware reachability.
Related Terms
CPE · CWE · CVSS · Known Exploited Vulnerabilities · Exploit Prediction Scoring System · Vulnerability Management


