CVE

Each CVE ID (e.g., CVE-2017-0144, the EternalBlue flaw behind WannaCry) uniquely names one publicly disclosed vulnerability, giving vendors, scanners, and defenders a common reference. CVE identifies what the flaw is; CVSS scores how severe it is, and feeds like CISA’s KEV catalog flag which CVEs are actively exploited and should jump the patch queue.