Severity

What is Severity?

Severity levels help prioritize vulnerability remediation. Critical vulnerabilities can be exploited remotely with no authentication and lead to full system compromise. High severity issues are serious but may require specific conditions. Medium issues are real risks but less likely to be exploited. Low issues are minor or informational. Severity is typically derived from CVSS scores: Critical (9.0–10.0), High (7.0–8.9), Medium (4.0–6.9), Low (0.1–3.9). Effective prioritization combines severity with exploit likelihood (EPSS) and asset importance.