BBLabs NewsBBLabs News
NewsAll articlesTopics
ES
  1. Home
  2. ›
  3. Glossary
  4. ›
  5. CVSS
CVE

CVSSCommon Vulnerability Scoring System

Definition

Industry standard to score vulnerability severity on a 0–10 scale. Combines attack vector, complexity, privileges required, user interaction, and impact on C, I, A.

CVSS (currently v3.1, with v4.0 in transition) translates a flaw's properties into a numeric score that helps prioritise patching. The vector matters most: it says how and where an attacker can exploit the bug.

A CVSS 9.8 (Critical) usually means: remotely exploitable (network), no authentication (PR:None), no user interaction (UI:None), and high impact on confidentiality/integrity/availability. That's typically unauthenticated RCE — patch NOW.

CVSS Base is only one face. Temporal adds context (is there a public exploit? a patch?), and Environmental tailors it to your infrastructure. Many teams only look at Base, but real prioritisation requires Temporal once you have in-the-wild evidence.

Related terms

  • CVE
  • RCE
  • LPE
  • Zero-day

Latest articles on CVE

  • →CVE-2026-31635 DirtyDecrypt: public PoC for Linux kernel LPE
  • →SharePoint RCE CVE-2026-45659 patched — CVSS 8.8
  • →CVE-2026-34926: Apex One zero-day actively exploited

Interested in CVE?

Get one technical story a day on cve — curated, summarised, actionable.

Subscribe
BBLabs NewsBBLabs News

Una historia al día. Cero ruido.

Newsletter técnica de ciberseguridad, vulnerabilidades, IA y bug bounty. Para gente que se toma en serio no perder el tiempo.

Conecta

Comunidad

  • Discord BBLabsÚnete a la comunidad
  • Discord Bug Bounty EspañaComunidad BB Es

Síguenos

  • YouTube · 0xGorkaCyber, hacking y bug bounty
  • Instagram · @bblabs.esLo último del proyecto

Contacto

team@bblabs.esEscríbenos para lo que sea

Para feedback, partnerships o reportar un bug en la web. Respondemos rápido.

Acerca de·Temas·Glosario·RSS·Privacidad·Términos
© 2026 BBLabs News·Por Gorka El Bochi
Hecho en España