Security Testing
CVE
Common Vulnerabilities and Exposures (CVE) is a standardized system for identifying and naming publicly known security vulnerabilities. Each CVE entry has a unique identifier (e.g., CVE-2021-44228 for Log4Shell), a description, and references. CVEs are assigned by CVE Numbering Authorities (CNAs) and tracked in the National Vulnerability Database (NVD). Subscribing to CVE feeds and monitoring your dependencies for new CVEs is a core practice of vulnerability management.
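As an added illustration (not part of the original page), the sketch below shows the dependency-monitoring practice described above: it checks each feed record's CVE identifier syntax and flags installed packages that are below the fixed version. The feed layout, package names, versions and the ID CVE-2099-00001 are constructed assumptions, not data from the NVD or any real feed.

```python
import re

# CVE ID syntax: "CVE-", a four-digit year, then a sequence number of 4 or more digits.
CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}", re.ASCII)

# Constructed sample feed. The record layout ("id", "package", "fixed_in") and the
# versions are assumptions for illustration, not the schema or data of a real feed.
SAMPLE_FEED = [
    {"id": "CVE-2021-44228", "package": "log4j-core", "fixed_in": "2.15.0"},
    {"id": "CVE-2099-00001", "package": "examplelib", "fixed_in": "1.4.2"},  # made-up ID
    {"id": "CVE-21-7", "package": "examplelib", "fixed_in": "9.9.9"},        # malformed ID
]

# Constructed dependency inventory: package name -> installed version.
SAMPLE_INVENTORY = {"log4j-core": "2.14.1", "examplelib": "1.4.2", "otherlib": "3.0.0"}


def parse_version(text):
    """Turn '2.14.1' into (2, 14, 1) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def affected_dependencies(feed, inventory):
    """Return (findings, rejected): feed matches for installed packages, and bad IDs."""
    findings, rejected = [], []
    for record in feed:
        if not CVE_ID.fullmatch(record["id"]):
            rejected.append(record["id"])  # do not act on records with malformed IDs
            continue
        installed = inventory.get(record["package"])
        if installed is None:
            continue  # package is not in use here
        if parse_version(installed) < parse_version(record["fixed_in"]):
            findings.append((record["id"], record["package"], installed, record["fixed_in"]))
    return findings, rejected


if __name__ == "__main__":
    findings, rejected = affected_dependencies(SAMPLE_FEED, SAMPLE_INVENTORY)
    for cve, pkg, have, fixed in findings:
        print(f"{cve}: {pkg} {have} is below fixed version {fixed}")
    for bad in rejected:
        print(f"skipped record with malformed CVE ID: {bad}")
```

Comparing versions as integer tuples matters here: as plain strings, "2.9.0" would sort after "2.15.0" and an affected package would be missed.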
Why it matters for your website
- Helps identify vulnerabilities before attackers do
- Required by PCI-DSS, SOC 2, and most enterprise security programs
- Regular testing reduces mean time to detect (MTTD) breaches