Add record to vulnerability risk score table when new vulnerability created
Whenever a new vulnerability is created, we have to add an entry to the `vulnerability_metrics` table with the vulnerability risk score, calculated as follows:
Vulnerability Risk Score = Base Score + EPSS Modifier + KEV Modifier
Base Score: set according to the vulnerability severity level:
- Critical: 0.6
- High: 0.4
- Medium: 0.2
- Low: 0.05
EPSS modifier:
- Base modifier: `EPSS_Score × 0.3`
- Additional bonus:
  - EPSS >= 0.5: 0.2
  - EPSS >= 0.1: 0.1
KEV Modifier: if the vulnerability is known to be exploited (present in the KEV catalog), we add 0.3 to the risk score.
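The following is an added worked example of the calculation above, written for this issue and not code from the project. It assumes that the EPSS bonus tiers are mutually exclusive (only the highest matching threshold applies) and that no upper cap is applied to the final score, since the description states neither. The `vulnerability_metrics` column names `vulnerability_id` and `risk_score`, and the hash standing in for the vulnerability record, are assumptions for illustration.

```ruby
# Added example (not the project's own code): computes the vulnerability
# risk score described in this issue.
# Assumptions: the EPSS bonus tiers are mutually exclusive (the highest
# matching threshold applies) and no upper cap is applied, since the
# issue states neither.

BASE_SCORE_BY_SEVERITY = {
  critical: 0.6,
  high: 0.4,
  medium: 0.2,
  low: 0.05
}.freeze

EPSS_WEIGHT = 0.3
KEV_MODIFIER = 0.3

# EPSS modifier = EPSS_Score x 0.3 plus a tiered bonus.
def epss_modifier(epss_score)
  unless (0.0..1.0).cover?(epss_score)
    raise ArgumentError, "EPSS score must be between 0 and 1, got #{epss_score.inspect}"
  end

  bonus =
    if epss_score >= 0.5 then 0.2
    elsif epss_score >= 0.1 then 0.1
    else 0.0
    end
  (epss_score * EPSS_WEIGHT) + bonus
end

# KEV modifier: a flat 0.3 when the vulnerability is known to be exploited.
def kev_modifier(known_exploited)
  known_exploited ? KEV_MODIFIER : 0.0
end

# Vulnerability Risk Score = Base Score + EPSS Modifier + KEV Modifier.
# Unknown severities raise instead of silently scoring as 0.
def vulnerability_risk_score(severity:, epss_score: 0.0, known_exploited: false)
  base = BASE_SCORE_BY_SEVERITY.fetch(severity.to_s.downcase.to_sym) do
    raise ArgumentError, "unknown severity: #{severity.inspect}"
  end
  (base + epss_modifier(epss_score) + kev_modifier(known_exploited)).round(4)
end

# Builds the attributes that would be written to the vulnerability_metrics
# row for a newly created vulnerability. `vulnerability` is a hypothetical
# hash standing in for the model record; the column names
# `vulnerability_id` and `risk_score` are assumed, not taken from the issue.
def vulnerability_metrics_attributes(vulnerability)
  {
    vulnerability_id: vulnerability.fetch(:id),
    risk_score: vulnerability_risk_score(
      severity: vulnerability.fetch(:severity),
      epss_score: vulnerability.fetch(:epss_score, 0.0),
      known_exploited: vulnerability.fetch(:known_exploited, false)
    )
  }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample records, not real vulnerability data.
  samples = [
    { id: 1, severity: "critical", epss_score: 0.95, known_exploited: true },
    { id: 2, severity: "high",     epss_score: 0.12, known_exploited: false },
    { id: 3, severity: "low" }
  ]
  samples.each { |v| p vulnerability_metrics_attributes(v) }
end
```

Note that a critical vulnerability with a high EPSS score and a KEV entry scores above 1.0 (0.6 + 0.285 + 0.2 + 0.3 = 1.385); if the column or any downstream consumer expects a 0..1 range, the capping rule needs to be decided explicitly rather than left to the rounding.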
New vulnerabilities are created:
- After ingestion of vulnerability reports
- From the API:
  - User adds a vulnerability manually
- Starboard ingestion
- Continuous Vulnerability Scanning
Edited by Schmil Monderer