The Common Vulnerability Scanning System (CVSS) is the most frequently cited rating system to assess the severity of security vulnerabilities. It has been criticized, however, as not being appropriate to assess and prioritize risk from those vulnerabilities. For this reason, some have called for using the Exploit Prediction Scoring System (EPSS) or combining CVSS and EPSS to make vulnerability metrics more actionable and efficient. Like CVSS, EPSS is governed by the Forum of Incident Response and Security Teams (FIRST).
Related Post
- April 18, 2025
Friday Squid Blogging: Live Colossal Squid Filmed
A live colossal squid was filmed for the first time in the ocean. It’s only a juvenile: a foot long.
- April 18, 2025
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the
- April 18, 2025
Multi-Stage Malware Attack Uses .JSE and PowerShell to
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly
- April 18, 2025
[Webinar] AI Is Already Inside Your SaaS Stack
Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize