Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) provides a standardized way to rate the severity of security vulnerabilities on a scale of 0.0 to 10.0. The base score is computed from a fixed set of metrics: how the vulnerability is reached (network, adjacent, local, or physical), how complex the attack is, what privileges the attacker needs, whether a user has to do something, whether a successful exploit escapes the vulnerable component's security scope, and the impact on confidentiality, integrity, and availability. Each scored vulnerability carries a vector string (for example CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) that records those metric values, so the score is reproducible rather than a judgment call.

CVSS scores help you prioritize which vulnerabilities to fix first. The qualitative bands are Low (0.1 to 3.9), Medium (4.0 to 6.9), High (7.0 to 8.9), and Critical (9.0 to 10.0). A 9.8 (Critical) that is exploitable over the network with no privileges and no user interaction deserves immediate attention, while a 3.1 (Low) that requires physical access can wait for the regular patch cycle. Two caveats apply. The published base score describes the vulnerability in isolation, not your exposure to it, so adjust it with the environmental metrics (an internet-facing server holding CUI is not the same as an isolated lab box). And CVSS says nothing about whether anyone is actually exploiting the flaw, so pair it with exploit intelligence before treating the number as a remediation deadline.

Why It Matters

CVSS scores are central to vulnerability prioritization under CMMC. Using CVSS to triage and prioritize remediation demonstrates a risk-based approach to vulnerability management that assessors expect to see.