Every CVE whose affected-product data names Owasp Coreruleset, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2023-38199 — CVSS 9.8 (critical): coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms…