CVE - Common Vulnerabilities and Exposures (CVE)

CVE® is a list of entries—each containing an identification number, a
description, and at least one public reference—for publicly known cybersecurity vulnerabilities.

CVE Entries are used in numerous cybersecurity products and services from around the world,
including the U.S. National Vulnerability Database (NVD).

CNA Participation Growing Worldwide

CVE Numbering Authorities (CNAs)

Totals CNAs: 98 | Total Countries: 16

CNAs include vendors and projects, vulnerability researchers, national and industry CERTs, and bug bounty programs.

CNAs are how the CVE List is built. Every CVE Entry added to the list is assigned by a CNA.

How to Become a CNA >>

Latest CVE News

More >>

CVE Blog

Refresher: When to Use the CVE Request Web Form

First introduced in August 2016, the online “CVE Request Web Form” is the main method for communicating with the CVE Program Root CNA. By using the web form, the CVE Program’s ability to receive, manage, track, and respond to user questions and CVE ID requests has significantly improved.

In this article, inspired by user questions, we will discuss when and how to use the CVE Request Web Form to best assist you.

More >>

Newest CVE Entries

Newest CVE IDs by @CVEnew

Follow @CVEnew >>

Page Last Updated or Reviewed: April 23, 2019

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by NSD, NCCIC in CISA’s Cybersecurity Division at the U.S. Department of Homeland Security. Copyright © 1999–2019, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.