Calculate CVSS 4.0 and 3.1 base scores, severity ratings, and vectors locally in your browser.
None
CVSS 4.0
CVSS is owned by FIRST.Org, Inc. and used by permission. This calculator implements the Common Vulnerability Scoring System specification and is not the official FIRST calculator. See FIRST's CVSS 4.0 specification , CVSS 4.0 user guide , CVSS 3.1 specification , and CVSS 3.1 user guide .
The Common Vulnerability Scoring System (CVSS) is a standard framework for describing the technical severity of software, hardware, and firmware vulnerabilities. Security teams use CVSS vectors to communicate how a vulnerability can be exploited, what privileges are required, whether user interaction is needed, and what impact exploitation could have on confidentiality, integrity, and availability.
This CVSS calculator supports CVSS 4.0 and CVSS 3.1 base score calculations. CVSS 4.0 introduces updated metrics such as Attack Requirements and separate vulnerable-system and subsequent-system impact metrics. CVSS 3.1 remains widely used in vulnerability advisories, security reports, ticketing workflows, and vulnerability management platforms.
A CVSS score should not be treated as a complete risk decision by itself. Use the resulting score and vector as one input alongside exploit availability, internet exposure, asset criticality, compensating controls, customer impact, regulatory requirements, and your organization's risk tolerance.
Use CVSS 4.0 when you want the latest CVSS scoring model and a more expressive vulnerability vector. Use CVSS 3.1 when you need compatibility with existing advisories, scanners, security tools, or vulnerability management workflows that have not yet adopted CVSS 4.0.
This tool calculates scores locally in your browser and does not send vectors or metric selections to a server.