
During Operation Lunar Peek in November 2024, attackers gained unauthenticated remote administrator access, and eventually root, on 13,000 exposed Palo Alto Networks management interfaces. Palo Alto Networks scored CVE-2024-0012 at 9.3 and CVE-2024-9474 at 6.9 under CVSS v4.0. NVD scored the same pair 9.8 and 7.2 under CVSS v3.1. Two scoring systems. Two different answers for the same vulnerabilities. The 6.9 dropped below patch thresholds: admin access was required. The 9.3 sat in the remediation queue. Segmentation would hold.
"Adversaries circumvent vulnerabilities by chaining them together (severity rating)," Adam Meyers, SVP of Adversary Operations at CrowdStrike, said in an exclusive interview with VentureBeat on April 22, 2026. On triage logic that chains skip right past: "They just lost their memory 30 seconds ago."
Both CVEs sit in CISA's Known Exploited Vulnerabilities (KEV) catalog. Neither score marked the kill chain. The triage logic consuming these scores treated each CVE as an isolated event, and that logic fed the SLA dashboards and the board reports.
CVSS did exactly what it was designed to do: rate one weakness at a time. The problem is that adversaries don't attack one weakness at a time.
"CVSS base scores are theoretical measures of severity that do not take into account real-world context," wrote Peter Chronis, former CISO of Paramount and a security leader with Fortune 100 experience. By moving beyond CVSS-first prioritization at Paramount, Chronis reported a 90% reduction in critical and high-risk vulnerabilities. Chris Gibson, executive director of FIRST, the organization that maintains CVSS, was equally direct: using only CVSS base scores for prioritization is the "least relevant and accurate" method, Gibson told The Register. FIRST's own EPSS and CISA's SSVC decision model address some of this gap by adding exploit probability and decision-tree logic.
The five triage failure classes CVSS was never intended to capture
In 2025, 48,185 CVEs were disclosed, an increase of 20.6% year over year. Jerry Gamblin, Principal Engineer at Cisco Threat Detection and Response, projects 70,135 for 2026. The infrastructure behind those counts buckles under this weight. NIST announced on April 15 that CVE submissions have increased by 263% since 2020, and that NVD will now prioritize enrichment only for KEV entries and federally critical software.
1. Chained CVEs that each look safe on their own
The Palo Alto pair from Operation Lunar Peek is the textbook case. CVE-2024-0012 bypassed authentication. CVE-2024-9474 escalated privileges. Scored separately in both CVSS v4.0 and v3.1, the escalation flaw filtered below most enterprise patch thresholds because it required admin access. The authentication bypass upstream removed that prerequisite entirely. No score reported the compound effect.
Meyers described the operational psychology: teams evaluated each CVE independently, deprioritized the lower score, and queued the higher one for remediation.
2. Nation-state adversaries weaponizing patches within days
The CrowdStrike 2026 Global Threat Report documented a 42% year-over-year increase in vulnerabilities exploited as zero-days before public disclosure. Average breakout time across observed intrusions: 29 minutes. Fastest observed breakout: 27 seconds. China-nexus adversaries weaponize newly patched vulnerabilities within two to six days.
"It used to be Patch Tuesday once a month. Now it's a patch every day, all the time. This is what this new world looks like," said Daniel Bernard, Chief Business Officer of CrowdStrike. A KEV addition treated as a regular queue item on Tuesday becomes an active exploitation window by Thursday.
3. CVEs nation-state actors hold for years
Salt Typhoon compromised the communications of senior US political figures during the presidential transition using CVE-2023-20198 and CVE-2023-20273, a privilege escalation pair on internet-facing Cisco devices that was patched in October 2023 and still sat unpatched more than a year later. Weak credentials provided a parallel access vector. Patches were available. None were applied.
In 2025, 67 percent of vulnerabilities exploited by China-nexus adversaries were remote code execution flaws that provide immediate system access, according to the CrowdStrike 2026 Global Threat Report. CVSS does not change a CVE's priority based on how long it has gone unpatched. No board tracks KEV aging as a metric.
That silence is the weakness.
4. Identity gaps that never enter the scoring system
A 2023 help desk social engineering call against a major enterprise resulted in over $100 million in losses. No CVE was assigned. No CVSS score existed. No patch pipeline entry was created. The weakness was a gap in the human process of identity verification, and it sat entirely outside the scoring system's aperture.
"If all you have to do is call the help desk and say 'I forgot my password,' the specialist will need zero days," Meyers said.
Agentic AI systems now carry their own identity credentials, API tokens, and permissions that operate outside traditional vulnerability management controls. Merritt Baer, CSO at Enkrypt AI, noted that identity-level controls are the equivalent of vulnerabilities and belong under the same reporting line as software CVEs. In most organizations, help desk authentication gaps and agentic AI credential inventories live in separate management silos. In practice, no one owns them.
5. AI-accelerated discovery that breaks pipeline capacity
Anthropic's Claude Mythos Preview demonstrated autonomous vulnerability discovery, finding a 27-year-old signed integer overflow in OpenBSD's TCP SACK implementation with about 1,000 scaffolds at an estimated cost of less than $20,000. In an exclusive interview with VentureBeat, Meyers offered a thought-experiment projection: if frontier AI drives 10x volume growth, the result is roughly 480,000 CVEs per year. Pipelines built for 48,000 break at 70,000 and collapse at 480,000. NVD enrichment for non-KEV submissions has already been cut.
"If an adversary can find vulnerabilities faster than the defenders or the business, that's a big problem, because those vulnerabilities become exploitable," said Daniel Bernard, Chief Business Officer of CrowdStrike.
CrowdStrike launched the QuiltWorks project on Thursday, a remediation coalition with Accenture, EY, IBM Cybersecurity Services, Kroll and OpenAI formed to address the volume of vulnerabilities that frontier AI models surface in production code. When five major firms form a coalition around a pipeline problem, no single organization's patch workflow can keep pace.
Security director action plan
The five failure classes above call for five specific actions.
Perform a chain dependency audit on every KEV CVE in the environment this month. Flag any co-resident CVE scored 5.0 or higher, the threshold at which privilege escalation and lateral movement opportunities commonly appear in CVSS vectors. Any pair that chains an authentication bypass to a privilege escalation is critical regardless of individual scores.
Compress KEV-to-patch SLAs to 72 hours for internet-facing systems. The CrowdStrike 2026 Global Threat Report's average breakout time of 29 minutes and fastest breakout of 27 seconds make weekly patch windows indefensible in a board presentation.
Produce a monthly KEV aging report for the board. For each unpatched KEV CVE: days since disclosure, days since patch availability, and owner. Salt Typhoon used a Cisco CVE patched 14 months earlier because no escalation path existed for the aging exposure.
Add identity surface controls to the vulnerability reporting pipeline. Help desk authentication gaps and agentic AI credential inventories belong under the same SLA framework as software CVEs. If they sit in a separate management silo, they sit under no one's control.
Stress-test pipeline capacity at 1.5x and 10x current CVE volumes. Gamblin projects 70,135 for 2026. Meyers' thought-experiment projection: frontier AI could push annual volume past 480,000. Present the capacity gap to the CFO before the next budget cycle, not after the breach that proves the gap exists.
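The chain dependency audit, the 72-hour KEV SLA and the KEV aging report in the plan above, together with the Palo Alto pair from failure class 1, can be expressed as a small triage script. What follows is an added example for illustration, not code from the article or from any vendor it names. The CVSS v4.0 scores for CVE-2024-0012 and CVE-2024-9474, the 5.0 chain threshold and the 72-hour SLA come from the article; the hosts, dates, owners, the 7.0 score-only patch threshold, the `EXAMPLE-CVE-1` entry and the field names are constructed assumptions.

```python
"""Chain-aware KEV triage (added example, not the article's or any vendor's tooling).

Contrasts a score-only CVSS threshold with a triage pass that also walks
authentication-bypass -> privilege-escalation chains on the same host, then
produces the KEV aging rows and SLA breaches the action plan asks for.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class Finding:
    cve_id: str
    host: str
    internet_facing: bool
    cvss: float                     # base score a threshold pipeline consumes
    kev: bool                       # listed in CISA KEV
    kev_added: Optional[date]
    patch_available: Optional[date]
    patched: bool
    requires_auth: bool             # exploitation needs an existing (admin) session
    grants: str                     # outcome: "auth_bypass", "privesc", "rce", ...
    owner: str


PATCH_THRESHOLD = 7.0   # assumption: a common "high and above" patch threshold
CHAIN_THRESHOLD = 5.0   # the article's chain-audit threshold for co-resident CVEs
KEV_SLA_HOURS = 72      # the article's KEV-to-patch SLA for internet-facing systems
TODAY = date(2024, 11, 22)  # constructed reporting date for the example

# Constructed inventory. Scores for the Palo Alto pair are the CVSS v4.0 values
# the article cites; hosts, dates and owners are constructed for the example.
INVENTORY = [
    Finding("CVE-2024-0012", "pan-fw-01", True, 9.3, True, date(2024, 11, 18),
            date(2024, 11, 18), False, False, "auth_bypass", "netops"),
    Finding("CVE-2024-9474", "pan-fw-01", True, 6.9, True, date(2024, 11, 18),
            date(2024, 11, 18), False, True, "privesc", "netops"),
    # Placeholder identifier, not a real CVE: an internal, patched, low-score finding.
    Finding("EXAMPLE-CVE-1", "app-int-03", False, 4.3, False, None,
            date(2024, 10, 1), True, True, "info_leak", "appsec"),
]


def naive_triage(inv):
    """Score-only triage: what a CVSS-threshold pipeline queues for patching."""
    return {f.cve_id for f in inv if f.cvss >= PATCH_THRESHOLD}


def chain_audit(inv):
    """Return (bypass, dependent) pairs on one host where an unauthenticated
    bypass removes the 'requires auth' prerequisite of a CVE scored >= CHAIN_THRESHOLD."""
    by_host = {}
    for f in inv:
        by_host.setdefault(f.host, []).append(f)
    pairs = []
    for findings in by_host.values():
        bypasses = [f for f in findings if f.grants == "auth_bypass" and not f.requires_auth]
        for bypass in bypasses:
            for dep in findings:
                if dep is not bypass and dep.requires_auth and dep.cvss >= CHAIN_THRESHOLD:
                    pairs.append((bypass.cve_id, dep.cve_id))
    return sorted(pairs)


def chain_aware_triage(inv):
    """Naive queue plus every member of a bypass -> privilege chain, regardless of score."""
    queue = naive_triage(inv)
    for bypass_id, dep_id in chain_audit(inv):
        queue.update((bypass_id, dep_id))
    return queue


def kev_aging(inv, today):
    """Board report rows: unpatched KEV CVEs with age and owner, oldest exposure first."""
    rows = []
    for f in inv:
        if f.kev and not f.patched:
            rows.append({
                "cve_id": f.cve_id, "host": f.host, "owner": f.owner,
                "days_since_kev": (today - f.kev_added).days if f.kev_added else None,
                "days_patch_available": (today - f.patch_available).days if f.patch_available else None,
            })
    return sorted(rows, key=lambda r: -(r["days_patch_available"] or 0))


def sla_breaches(inv, today):
    """Internet-facing, unpatched KEV CVEs whose KEV listing is older than the SLA."""
    limit_days = KEV_SLA_HOURS / 24
    return sorted(f.cve_id for f in inv
                  if f.kev and not f.patched and f.internet_facing and f.kev_added
                  and (today - f.kev_added).days > limit_days)


if __name__ == "__main__":
    print("score-only queue :", sorted(naive_triage(INVENTORY)))
    print("chains found     :", chain_audit(INVENTORY))
    print("chain-aware queue:", sorted(chain_aware_triage(INVENTORY)))
    for row in kev_aging(INVENTORY, TODAY):
        print("aging            :", row)
    print("SLA breaches     :", sla_breaches(INVENTORY, TODAY))
```

On the constructed inventory the score-only queue holds only CVE-2024-0012; the 6.9 escalation flaw is filtered out exactly as the article describes. The chain audit pulls it back in because an unauthenticated bypass on the same host voids its admin prerequisite, and both CVEs then show up in the aging rows and, four days after their KEV listing, as SLA breaches. The host-level pairing is deliberately simple; a real audit would also consider chains across adjacent hosts and non-CVE identity gaps.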