CVE Grouped by OWASP Top 10 Categories

Analyze critical vulnerabilities by type

This page allows you to search CVEs (Common Vulnerabilities and Exposures) according to OWASP Top 10 categories, based on groups of CWE (Common Weakness Enumeration). By organizing vulnerabilities by risk type - such as injection, cross-site scripting (XSS), authentication issues, and sensitive data exposure - you can more easily identify and prioritize high-risk threats. This classification helps improve threat modeling, attack surface analysis, and data protection. CVSS and EPSS scores, along with links to related CAPEC and exploits, support actionable cyber threat intelligence.
Notifications on CVE
Stay informed of any changes or new CVE.
Notifications manage
CVE ID Published
Modified		 Description Score Severity EPSS? CISA?
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.