CVE® is a list of entries—each containing an identification number, a
description, and at least one public reference—for publicly known cybersecurity vulnerabilities.

CVE Entries are used in numerous cybersecurity products and services from around the world,
including the U.S. National Vulnerability Database (NVD).

CNAs World Map - May 2019

CVE Numbering Authorities (CNAs)

Totals CNAs: 98 | Total Countries: 16

CNAs include vendors and projects, vulnerability researchers, national and industry CERTs, and bug bounty programs.

CNAs are how the CVE List is built. Every CVE Entry added to the list is assigned by a CNA.

More >>

Refresher: When to Use the CVE Request Web Form

First introduced in August 2016, the online “CVE Request Web Form” is the main method for communicating with the CVE Program Root CNA. By using the web form, the CVE Program’s ability to receive, manage, track, and respond to user questions and CVE ID requests has significantly improved.

In this article, inspired by user questions, we will discuss when and how to use the CVE Request Web Form to best assist you.

Page Last Updated or Reviewed: May 21, 2019