cve
Safeguard articles tagged "cve" — guides, analysis, and best practices for software supply chain and application security.
136 articles
CVE explained: how vulnerabilities get identified and scored
A CVE ID and its CVSS score come from different organizations entirely. Here's how identification and severity scoring actually work, using Log4Shell and the 2024 NVD backlog as examples.
Axios npm Vulnerabilities: The Full CVE History and Patch Guide
Every notable axios npm vulnerability, from the 2019 DoS to the 2025 SSRF, with the fixed versions and a patch path that also catches the transitive ones.
CVE vs CVSS vs EPSS vs SSVC scoring compared
CVE tells you a flaw exists, CVSS rates severity, EPSS predicts exploitation, and SSVC drives decisions. Here's how Safeguard and Socket.dev use each differently.
The ROI of CVE Prioritization with Reachability in 2026
Concrete numbers on what reachability-based CVE prioritization saves: engineering hours, mean time to remediate, and the ROI math that survives finance review.
CVE-2026-0300 in Palo Alto PAN-OS: Patch Posture & SBOM Response
PAN-OS Captive Portal pre-auth RCE scored CVSS 9.3 and landed on CISA KEV with a three-day patch deadline. Defender playbook below.
The NVD backlog and its impact on vulnerability management
The NVD backlog leaves thousands of CVEs unscored each month, forcing security teams to rethink how they prioritize and triage vulnerabilities.
GHSA vs CVE vs OSV: comparing vulnerability identifier formats
A plain-language breakdown of CVE, GHSA, and OSV vulnerability identifiers, who assigns them, how they differ, and why one flaw can carry three IDs.
2026 Q1 CVE Trend Analysis
A data-driven look at CVE trends from Q1 2026: publication volume, severity distribution, exploitation patterns, and what the shifts mean for defenders.
Tracking Kubernetes CVEs in 2026: A Practical Method
Kubernetes CVE news moves fast across control plane, kubelet, and CNI components — here's a repeatable method for tracking what actually applies to your cluster.
What is Vulnerability Management
Vulnerability management turns thousands of CVEs into a ranked, fixable backlog. Here's how the lifecycle, prioritization, and standards actually work.
Top 10 Application Security Acronyms (Glossary)
SAST, DAST, SBOM, CVSS, CWE, SSDF — 10 AppSec acronyms defined with real CVEs, dates, and standards so you use them correctly, not interchangeably.
What is an Application Vulnerability
A flaw in code, config, or a dependency that attackers can exploit. Learn the types, scoring, and how vulnerabilities differ from risk and threats.