CyberGlossary

Vulnerabilities

Vulnerability

Also known as: Security weakness, Security flaw

Definition

A weakness in a system, application, or process that an attacker can exploit to violate confidentiality, integrity, or availability.

A vulnerability is any flaw or weakness, in code, configuration, design, or operational practice, that an attacker could exploit to compromise the security of an information system. Vulnerabilities arise from software bugs (memory-safety errors, missing input validation), misconfiguration, weak or default credentials, design oversights, or unpatched dependencies. Publicly known vulnerabilities are catalogued with identifiers such as CVE; CVSS scores their technical severity, EPSS estimates the probability that they will be exploited in the wild, and the two are used together to prioritize remediation. Managing vulnerabilities requires continuous discovery (vulnerability scanning, SAST/DAST, dependency analysis), risk-based prioritization that weighs severity, exploitation likelihood, and asset exposure, patching or compensating controls where no patch exists, and verification that the fix is effective and stays in place across the whole asset inventory.

Examples

  • An unpatched library with a known CVE that allows remote code execution.
  • A misconfigured S3 bucket exposing customer data publicly.
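The second example, a bucket exposed to the public, is a configuration weakness rather than a code bug, and it is found by inspecting policy rather than by scanning binaries. The Python below is an added illustration, not code from this glossary or from AWS; the three bucket policies are constructed samples, the account ID, role and VPC endpoint ID are placeholders, and the check is a simplified version of the reasoning that public-access analysers apply: an Allow statement whose Principal is the wildcard, with no non-negated condition that pins the caller to a VPC endpoint, network range, account or organisation, grants access to anyone.

```python
"""Detect bucket policies that grant anonymous access (added example).

Sample policies are constructed; account, role and endpoint IDs are
placeholders. The check is a simplified model of public-access analysis,
not AWS's own implementation.
"""
import json
from typing import Any, Dict, List

# Condition keys that, when used in a non-negated operator, limit the
# wildcard principal to a specific network, account or organisation.
RESTRICTING_CONDITION_KEYS = {
    "aws:sourcevpce", "aws:sourcevpc", "aws:sourceip",
    "aws:principalorgid", "aws:principalaccount", "aws:sourceaccount",
}


def _is_wildcard_principal(principal: Any) -> bool:
    """True for "Principal": "*" and for "Principal": {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS")
        if aws == "*":
            return True
        if isinstance(aws, list) and "*" in aws:
            return True
    return False


def _has_restricting_condition(stmt: Dict[str, Any]) -> bool:
    """True if a condition narrows who can use the statement.

    Negated operators (StringNotEquals, NotIpAddress, ...) widen rather than
    narrow the audience, so they do not count as restrictions.
    """
    for operator, pairs in stmt.get("Condition", {}).items():
        if "not" in operator.lower():
            continue
        if any(key.lower() in RESTRICTING_CONDITION_KEYS for key in pairs):
            return True
    return False


def public_statements(policy_json: str) -> List[str]:
    """Return the Sids of statements that grant access to any principal."""
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be an object
        statements = [statements]
    exposed = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        if not _is_wildcard_principal(stmt.get("Principal")):
            continue
        if _has_restricting_condition(stmt):
            continue
        exposed.append(stmt.get("Sid", "<no Sid>"))
    return exposed


# Constructed sample: anonymous read of every object (the misconfiguration).
PUBLIC_READ_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-customer-data/*",
    }],
})

# Constructed sample: access limited to one role (placeholder account ID).
PRIVATE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AppRoleRead", "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/AppRole"},
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-customer-data/*",
    }],
})

# Constructed sample: wildcard principal, but pinned to a VPC endpoint
# (placeholder ID), so not reachable from the open internet.
VPC_RESTRICTED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "VpcOnlyRead", "Effect": "Allow", "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-customer-data/*",
        "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}},
    }],
})


if __name__ == "__main__":
    for name, policy in [("public", PUBLIC_READ_POLICY),
                         ("private", PRIVATE_POLICY),
                         ("vpc-only", VPC_RESTRICTED_POLICY)]:
        print(f"{name:9} exposed statements: {public_statements(policy)}")
```

The check deliberately treats a negated condition (for example StringNotEquals on aws:SourceVpce) as not restricting, because such a statement still admits every caller outside the named endpoint. In practice this policy check sits alongside account-level block-public-access settings and ACL review; a bucket policy is only one of the ways a bucket becomes public.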

Related terms