CVE® is a list of entries—each containing an identification number, a
description, and at least one public reference—for publicly known cybersecurity vulnerabilities.

CVE Entries are used in numerous cybersecurity products and services from around the world,
including the U.S. National Vulnerability Database (NVD).


CNAs World Map - August 2019

CVE Numbering Authorities (CNAs)

Totals CNAs: 100 | Total Countries: 16

CNAs include vendors and projects, vulnerability researchers, national and industry CERTs, and bug bounty programs.

CNAs are how the CVE List is built. Every CVE Entry added to the list is assigned by a CNA.

More News >>

CVE Working Groups Overview

The CVE Program has a number of Working Groups (WGs) actively focused on improving processes, workflows, and other aspects of the program as CVE continues to grow and expand.

In this post, you will learn about CVE’s six current WGs:

  •  Automation (AWG)
  •  Strategic Planning (SPWG)
  •  CNA Coordination (CNACWG)
  •  CVE Entry Quality (QWG)
  •  CVE Workflow (CWWG)
  •  Outreach and Communications (OCWG)



Page Last Updated or Reviewed: August 19, 2019