I cannot help but feel baffled by the way MITRE calculate the score of CVEs. I mean, we have the Common Vulnerability Scoring System (CVSS) to help standardize the process and get an estimated score about the severity of a vulnerability, but the MITRE team that assigns/publishes a CVE appears to have their own understanding […]