**Approach (brief)** Calculate a priority score combining CVSS (0–10), exploitability multiplier (exploit-db-known), asset-criticality (1–5 scale), and recency decay from last-seen-days. Sort descending by final score.**Scoring formula** text
base_exploitability = cvss / 10
exploitability = base_exploitability * (2 if exploit_db_known else 1)
recency_factor = 1 / (1 + last_seen_days / 30) # half-life ~30 days
raw_score = exploitability * cvss # emphasize high CVSS
final_score = raw_score * exploitability * recency_factor * (asset_criticality / 3)
Plain English: exploitability doubles if known; recency decays roughly exponentially-like with 30-day scale; asset_criticality scales final.**Python implementation**python
from typing import List, Dict
def prioritize(vulns: List[Dict]) -> List[Dict]:
def score(v):
cvss = float(v.get('cvss', 0))
exploit_known = bool(v.get('exploit-db-known', False))
ac = float(v.get('asset-criticality', 3)) # default medium
days = float(v.get('last-seen-days', 0))
base_exp = cvss / 10.0
exp = base_exp * (2.0 if exploit_known else 1.0)
recency = 1.0 / (1.0 + days / 30.0)
raw = exp * cvss
final = raw * exp * recency * (ac / 3.0)
return final
return sorted(vulns, key=lambda x: score(x), reverse=True)
**Key concepts & reasoning**- Doubling exploitability raises priority quickly for known exploits.- CVSS weighted both as severity and within exploitability to prefer high-severity, easily-exploitable issues.- Asset-criticality is a multiplier to reflect business impact.- Recency reduces noisy old findings gradually.**Complexity**- Time: O(n log n) due to sorting; scoring O(1) per item.- Space: O(n) for output list.**Edge cases**- Missing/invalid fields defaulted safely; consider normalizing asset_criticality and bounding cvss (0–10). Alternative: logistic decay or different half-life depending on program cadence.