CVE Compatibility Process

The CVE Compatibility Process is a formal review and evaluation process for organizations wishing to declare their information security products and services as CVE-Compatible and have them formally evaluated.

Products and services recognized as Officially CVE-Compatible, as well as those working towards compatibility, will be posted in the "CVE-Compatible Products and Services" section of the CVE Web site, and announced on the CVE News & Events page and in the CVE-Announce e-newsletter.

Phase 1 – The Declaration Phase:

  1. Review the "Requirements and Recommendations for CVE Compatibility" document.
  2. Review the existing declarations listed on the CVE-Compatible Products and Services section.
  3. Send an email to requesting the "CVE Compatibility Declaration Form."
  4. MITRE sends you the declaration form.
  5. Complete and return the form to
  6. Your declaration is posted in the Compatibility section on the CVE Web site.
  7. If CVE Output, CVE Searchability, and CVE Documentation responses are all "yes," proceed to phase 2. If not, wait and then notify MITRE when these are completed.

Phase 2 – The Evaluation Phase:

  1. Upon completion of phase 1, send an email to requesting the "CVE Compatibility Requirements Evaluation Form" questionnaire.
  2. Complete and return the questionnaire, along with copies of any supporting documentation, to
  3. The completed questionnaire is reviewed and posted, and the organization is listed as "Officially CVE-Compatible" on the CVE Web site. The organization also receives authorization to use the CVE-Compatible Product/Service logo for the specified product(s) or service(s).

Contact Instructions

To begin the registration process, review the official CVE Compatibility Process detailed above then send an email to requesting the Declaration Form along with your company name and contact information, the type of product, and the name of the product or service.

You will receive specific instructions for completing and submitting additional information as the process continues.

Page Last Updated or Reviewed: April 28, 2016