Vulnerability Prioritization Scorer

Data-driven CVE risk scoring tool

PythonStreamlitPandasNVD API

Dashboard — configurable scoring weights and CVE upload interface

Results — prioritized CVE list with composite scores, severity, EPSS, and CVSS columns

The Problem

Security teams face thousands of CVEs and need to decide which vulnerabilities to patch first. Raw CVSS scores alone don't account for real-world exploitability, threat actor activity, or the specific asset context of an organization.

The Solution

Built a scoring engine that combines multiple data sources
Integrates CVSS base scores with EPSS exploit prediction data
Factors in CISA KEV (Known Exploited Vulnerabilities) catalog
Allows custom asset criticality weighting
Produces a prioritized, actionable list of vulnerabilities to remediate

Results

Reduces noise from thousands of CVEs to a focused remediation list

Combines multiple threat intelligence sources into a single score

Open-source tool available on GitHub

View on GitHub Interested? Let's Talk