BBLabs NewsBBLabs News
NewsAll articlesTopics
ES
  1. Home
  2. ›
  3. Glossary
  4. ›
  5. CVE
CVE

CVECommon Vulnerabilities and Exposures

Definition

Unique identifier in the form CVE-YYYY-NNNN, assigned by MITRE to a publicly disclosed vulnerability. Industry standard for referencing specific security flaws.

When a researcher or vendor reports a new vulnerability, MITRE (or a delegated CNA — Microsoft, GitHub, Google, etc.) assigns a CVE identifier. That ID travels with the vulnerability through NVD (NIST's database), vendor advisories, exploit databases, and news.

The CVE-YYYY-NNNN structure is predictable: YYYY is the assignment year (not necessarily discovery or disclosure year), NNNN is a sequential number. Since 2014 NNNN can have more than 4 digits.

A CVE itself doesn't include severity — that comes from CVSS. It doesn't include an exploit either. It's just the stable handle that lets every team talk about the same thing: 'CVE-2026-31635' is unambiguous; 'that Linux kernel bug' isn't.

Related terms

  • CVSS
  • Zero-day
  • RCE
  • LPE

Latest articles on CVE

  • →CVE-2026-31635 DirtyDecrypt: public PoC for Linux kernel LPE
  • →SharePoint RCE CVE-2026-45659 patched — CVSS 8.8
  • →CVE-2026-34926: Apex One zero-day actively exploited

Interested in CVE?

Get one technical story a day on cve — curated, summarised, actionable.

Subscribe
BBLabs NewsBBLabs News

Una historia al día. Cero ruido.

Newsletter técnica de ciberseguridad, vulnerabilidades, IA y bug bounty. Para gente que se toma en serio no perder el tiempo.

Conecta

Comunidad

  • Discord BBLabsÚnete a la comunidad
  • Discord Bug Bounty EspañaComunidad BB Es

Síguenos

  • YouTube · 0xGorkaCyber, hacking y bug bounty
  • Instagram · @bblabs.esLo último del proyecto

Contacto

team@bblabs.esEscríbenos para lo que sea

Para feedback, partnerships o reportar un bug en la web. Respondemos rápido.

Acerca de·Temas·Glosario·RSS·Privacidad·Términos
© 2026 BBLabs News·Por Gorka El Bochi
Hecho en España