What is a Vulnerability? Ingrid A vulnerability is a flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy. Vulnerabilities that share common frameworks and events may be part of a vulnerability group (a.k.a. threat group).DetailsVulnerabilities can have the following details: Classification An indication that the host is vulnerable. CVE ID All vulnerabilities have a Common Vulnerabilities and Exposures ID (CVE ID). Use this ID in searches for a vulnerability on the web or in the National Vulnerability Database (NVD). Prominent vulnerabilities can also have a vulnerability name. Dynamic Vulnerability Exploit (DVE) Predicts the likelihood that a vulnerability will be exploited in the next 90 days by modeling exploitation activity based on threat intelligence. Evidence Available Indications when evidence of exposure is available. Evidence Certainty A measure of how certain Bitsight is about a company's detection status. Exploit Prediction Scoring System (EPSS) Estimates the likelihood that a software will be exploited. The higher the percentage the more likely it’s to be exploited. Exposure Detection A company's protection status from a threat. Vulnerability Severity The criticality of a vulnerability. It is summarized by Bitsight severity, which follows the Common Vulnerability Scoring System (CVSS). Resources API Threats API Endpoint Emerging Security Events Presents emerging vulnerabilities. Cybersecurity News Recent cybersecurity news. Vulnerabilities & Infections The resource center for jajor security events. Vulnerability Catalog Report The Vulnerability Catalog for Security Posture Management. Vulnerability Detection Vulnerability Detection by application: Continuous Monitoring Security Posture Management Cyber Insurance March 19, 2026: Security Posture Management rebrand. July 8, 2025: Evidence available. April 3, 2025: Dynamic Vulnerability Exploit (DVE); Linked to the Emerging Security Events card. October 18, 2024: Exploit Prediction Scoring System (EPSS). Related articles Exposure Detection & Evidence Certainty Vulnerability Severity: Bitsight Severity & CVSS GET: Finding Details Vulnerability Classification Requesting a New Vulnerability Feedback 0 comments Please sign in to leave a comment.