Vulnerability Calculator
Score any vulnerability against the official CVSS v3.1 base metrics — with plain-language hints, no jargon required.
8 quick questions · ~1 minute
What is CVSS & CVE?
A short introduction for anyone new to IT security.
CVE — Common Vulnerabilities and Exposures
A CVE is a publicly disclosed security flaw in software or hardware. Think of it like a bug report that the whole world can see. Each CVE gets a unique ID (e.g. CVE-2021-44228) so security teams worldwide can talk about the same flaw without confusion. The infamous "Log4Shell" flaw is that exact CVE — it let attackers run any code on millions of servers.
CVSS — Common Vulnerability Scoring System
Not all flaws are equally dangerous. CVSS is a standardised method to measure how bad a vulnerability really is. It produces a score from 0.0 to 10.0 based on factors like: how easy is it to exploit? Does the attacker need a password first? Can it be done over the internet? How much data could be stolen or damaged?
Why does it matter?
Security teams receive hundreds of vulnerability alerts every month. CVSS scores help them prioritise which ones to fix first. A score of 9.8 is a five-alarm fire; a score of 2.1 can usually wait. This calculator lets you score any vulnerability using the official CVSS v3.1 Base Metrics.
CVSS v3.1 Severity Scale
Your CVSS Result
CVSS v3.1 Vector String
Shareable Result URL
Metric Breakdown
How Dangerous Is This?