Tell me about CVSS

CVSS stands for The Common Vulnerability Scoring System and is an industry open standard designed to convey vulnerability severity and risk. CVSS was commissioned by the National Infrastructure Advisory Council (NIAC) tasked in support of the global Vulnerability Disclosure Framework. It is currently maintained by FIRST (Forum of Incident Response and Security Teams).


We support CVSS Version 2 and CVSS Version 3.

Learn more

CVSS standards -

CVSS Version 2 standards specification -

CVSS Version 3 standards specification -

CVSS Version 3.1 standards specification -