Quiz Entry - updated: 2026.07.05
What is CVE and how does it help with security?
CVE is a standardized catalog that gives every publicly known vulnerability a unique ID — so tools and teams all refer to the same flaw consistently.
CVE (Common Vulnerabilities and Exposures) — a standardized catalog of publicly known security vulnerabilities.
How it works:
- Each vulnerability gets a unique ID (e.g., CVE-2014-0160 for Heartbleed)
- Managed by CVE Numbering Authorities worldwide
- Severity scored using CVSS (0-10 scale)
- Detailed analysis in NVD (National Vulnerability Database)
Why it matters:
- Common language — Everyone refers to the same issue consistently
- Tracking — Organizations track which CVEs affect their systems
- Prioritization — CVSS scores help decide what to patch first
- Dependency scanning — Tools check your libraries against CVE databases
- Compliance — Many standards require CVE monitoring
Without CVE, "the OpenSSL bug" could refer to dozens of different issues.
See: https://cve.mitre.org/ and https://nvd.nist.gov/
Go deeper:
Vulnerability (computer security) — Wikipedia — ties together CVE, CVSS scoring, and vulnerability categories.