“Show the vulnerabilities for Microsoft products related to ransomware”  

“Show ransomware CVEs with critical severity”  

“What’s the average CVSS score for ransomware CVEs?”  

“List CVEs published each month in 2024 with known exploits”  

“What products had Critical vulnerabilities that were automatable in 2025?”  

“Find the 10  products with the highest number of critical cves in the past two years. Show vendor, product, and total cves.”

Automatable: indicates whether an attacker can automate exploitation of the vulnerability across multiple targets. Can be used to locate CVEs related to AI-automated threats; possible values: YES, NO, NOT_DEFINED

Value Density: whether the vulnerable component holds a high concentration of critical assets (e.g., sensitive data, essential services); possible values are DIFFUSE, CONCENTRATED, NOT_DEFINED

Provider Urgency: reflects the level of urgency communicated by the vendor or maintainer of the affected product or service regarding a vulnerability; possible values are CLEAR, GREEN, AMBER, RED, NOT_DEFINED