Mitre

CVE (Common Vulnerabilities and Exposures) is the global identifier standard for publicly disclosed software and hardware vulnerabilities. This SECMONS glossary entry explains CVE structure, who assigns CVEs, how CVEs relate to CVSS and CWE, and how teams use CVEs for patching, risk, and incident response.

CWE (Common Weakness Enumeration) is the standardized taxonomy used to classify software and hardware weakness types such as use-after-free, buffer overflow, and security feature bypass. This SECMONS glossary entry explains what CWE represents, how it differs from CVE and CVSS, and how defenders use CWE to understand exploitation patterns and prioritize remediation.