Home/Glossary/Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE)

A standardized identifier for publicly disclosed security vulnerabilities in software and hardware.

Vulnerability ManagementAlso called: "cve id", "vulnerability identifier"

CVE IDs provide a common language for discussing security flaws across vendors and tools.

CVE identifier format

  • CVE-YYYY-NNNNN (e.g., CVE-2024-12345).
  • YYYY = year disclosed.
  • NNNNN = unique sequential number.

CVE lifecycle

  • Researcher discovers vulnerability.
  • CVE ID reserved through CNA (CVE Numbering Authority).
  • Details published in NIST NVD (National Vulnerability Database).
  • Vendors release patches and advisories.

Using CVE data

  • Prioritize patching based on CVSS scores and exploitation status.
  • Monitor CVE feeds for newly disclosed vulnerabilities.
  • Check if your software versions are affected.
  • Track CVEs in threat intelligence platforms.

Related Tools

Related Articles

View all articles
Vulnerability Management & Patch Prioritization Workflow

Vulnerability Management & Patch Prioritization Workflow

Master the complete vulnerability management lifecycle with risk-based patch prioritization. From discovery to remediation, learn how to protect your infrastructure before attackers strike.

Read article →
What is a CVE? Understanding Common Vulnerabilities and Exposures

What is a CVE? Understanding Common Vulnerabilities and Exposures

Learn what CVE identifiers are, how they work, and why they

Read article →
How do I find CVEs affecting my software and systems?

How do I find CVEs affecting my software and systems?

Learn practical methods and tools for identifying CVEs that affect your organization

Read article →
NVD Database Update Frequency: Understanding CVE Enrichment Timelines in 2025

NVD Database Update Frequency: Understanding CVE Enrichment Timelines in 2025

How often is the National Vulnerability Database updated? Learn about NVD

Read article →
Back to glossary