[{"data":1,"prerenderedAt":82},["ShallowReactive",2],{"term-v\u002Fvulnerability":3,"related-v\u002Fvulnerability":61},{"id":4,"title":5,"acronym":6,"body":7,"category":40,"description":41,"difficulty":42,"extension":43,"letter":44,"meta":45,"navigation":46,"path":47,"related":48,"seo":55,"sitemap":56,"stem":59,"subcategory":6,"__hash__":60},"terms\u002Fterms\u002Fv\u002Fvulnerability.md","Vulnerability",null,{"type":8,"value":9,"toc":33},"minimark",[10,15,19,23,26,30],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"A vulnerability is a weakness in your code or system that a bad guy could exploit. Like a broken lock on a door. The lock exists, but it doesn't work properly, so anyone who knows the trick can get through. Vulnerabilities can be in your code, your libraries, your server config, or anywhere in the chain.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"A vulnerability is a flaw or weakness in a system's design, implementation, or operation that can be exploited to violate security policies. Publicly disclosed vulnerabilities are typically assigned CVE (Common Vulnerabilities and Exposures) identifiers for tracking and CVSS severity scores for prioritization; a weakness that has no CVE yet is still a vulnerability.",[11,27,29],{"id":28},"when-youll-hear-this","When You'll Hear This",[16,31,32],{},"\"A critical vulnerability was found in the auth module.\" \u002F \"The npm audit report shows 3 high-severity vulnerabilities.\"",{"title":34,"searchDepth":35,"depth":35,"links":36},"",2,[37,38,39],{"id":13,"depth":35,"text":14},{"id":21,"depth":35,"text":22},{"id":28,"depth":35,"text":29},"security","A vulnerability is a weakness in your code or system that a bad guy could exploit. \nLike a broken lock on a door.","beginner","md","v",{},true,"\u002Fterms\u002Fv\u002Fvulnerability",[49,50,51,52,53,54],"Exploit","Patch","Zero-Day","Bug Bounty","Penetration Testing","OWASP Top 10",{"title":5,"description":41},{"changefreq":57,"priority":58},"weekly",0.7,"terms\u002Fv\u002Fvulnerability","bfT2uOyXXMDg8YmpQhU2tAirk-8k4w9NlLAkVbXAVz4",[62,65,68,71,75,79],{"title":52,"path":63,"acronym":6,"category":40,"difficulty":42,"description":64},"\u002Fterms\u002Fb\u002Fbug-bounty","A bug bounty program pays ethical hackers to find security vulnerabilities in your product.",{"title":49,"path":66,"acronym":6,"category":40,"difficulty":42,"description":67},"\u002Fterms\u002Fe\u002Fexploit","An exploit is the actual tool or technique used to take advantage of a vulnerability.",{"title":54,"path":69,"acronym":6,"category":40,"difficulty":42,"description":70},"\u002Fterms\u002Fo\u002Fowasp-top-10","The OWASP Top 10 is the security industry's greatest hits of web vulnerabilities — the 10 most common, dangerous ways apps get hacked.",{"title":50,"path":72,"acronym":6,"category":73,"difficulty":42,"description":74},"\u002Fterms\u002Fp\u002Fpatch","general","A patch is a small update that fixes something specific without replacing the whole program.",{"title":53,"path":76,"acronym":6,"category":40,"difficulty":77,"description":78},"\u002Fterms\u002Fp\u002Fpenetration-testing","intermediate","Penetration testing (pentesting) is hiring ethical hackers to try to break into your own systems before the real bad guys do.",{"title":51,"path":80,"acronym":6,"category":40,"difficulty":77,"description":81},"\u002Fterms\u002Fz\u002Fzero-day","A zero-day is a vulnerability that nobody knows about yet — except the person who found it. The name means the vendor has had 'zero days' to fix it.",1776518323384]