A software vulnerability is a weakness in code, design, or configuration that can be exploited to violate security properties — gaining unauthorized access, executing code, or causing DoS.
Vulnerability lifecycle: discovery → CVE assignment → vendor patch → public disclosure → exploitation attempts spike. Patch before public disclosure if possible. Post-disclosure, treat as emergency — attackers reverse-engineer patches quickly.