Optiv Cybersecurity Dictionary

What is CVE (CVE - Common Vulnerabilities and Exposures)?

Common Vulnerabilities and Exposures (CVE) is a program launched by MITRE, a nonprofit that operates federal government-sponsored research and development centers, to identify and catalog vulnerabilities in software or firmware into a free “dictionary” for organizations to use as a resource to improve their security.


The dictionary’s main purpose is to standardize the way each known vulnerability or exposure is identified. Standard IDs allow security administrators to access technical information about a specific threat across multiple CVE-compatible information sources. CVE is sponsored by US-CERT within the Department of Homeland Security (DHS) Office of Cybersecurity and Information Assurance (OCSIA). MITRE maintains the CVE dictionary and public website. It also manages the CVE Compatibility Program, which promotes the use of standard CVE identifiers by authorized CVE numbering authorities (CNAs).

Contact Us