CVE - Common Vulnerabilities and Exposures (CVE)

CVE® International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures.

Assigned by CVE Numbering Authorities from around the world, CVE's common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.

NVD, the U.S. National Vulnerability Database, is based upon and synchronized with the CVE List.

Request a
CVE ID

Click for CNAs, MITRE request form, guidelines, & more

Update info
in a CVE ID

Click for MITRE request form, guidelines & more

CVE List
downloads

Available in xml, CVRF, txt, & comma-separated

CVE content
data feeds

Available via Purdue University & NVD

Focus On

CVE Request Web Form

Use our CVE Request web form to contact us about the following:

Request a CVE ID from MITRE
Notify us about a vulnerability publication
Update an existing CVE
Other (submit comments/questions)

Also, view our web form help.

More >>

CVE Blog

What's your opinion on updating CVE ID Descriptions?

Latest CVE News

More >>

Page Last Updated or Reviewed: January 26, 2017

Use of the Common Vulnerabilities and Exposures (CVE) List and the associated references from this website are subject to the terms of use. For more information, please contact us.

CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks and CVE-Compatible is a trademark of The MITRE Corporation.

Site Map
Privacy policy
Terms of use
Contact us