{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/Vulnerability",
  "title": "Vulnerability",
  "type": "object",
  "description": "Represents a known vulnerability (CVE) detected by Microsoft Defender Vulnerability Management, including severity, CVSS scoring, exploit information, and exposure metrics.",
  "properties": {
    "id": {
      "type": "string",
      "description": "The vulnerability ID (CVE identifier).",
      "examples": [
        "CVE-2024-7256"
      ]
    },
    "name": {
      "type": "string",
      "description": "The vulnerability title."
    },
    "description": {
      "type": "string",
      "description": "A detailed description of the vulnerability."
    },
    "severity": {
      "type": "string",
      "description": "The severity of the vulnerability.",
      "enum": [
        "Low",
        "Medium",
        "High",
        "Critical"
      ]
    },
    "cvssV3": {
      "type": [
        "number",
        "null"
      ],
      "format": "double",
      "description": "The CVSS v3 score."
    },
    "cvssVector": {
      "type": [
        "string",
        "null"
      ],
      "description": "A compressed textual representation that reflects the values used to derive the CVSS score.",
      "examples": [
        "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
      ]
    },
    "exposedMachines": {
      "type": "integer",
      "format": "int64",
      "description": "The number of exposed devices."
    },
    "publishedOn": {
      "type": "string",
      "format": "date-time",
      "description": "The date when the vulnerability was published."
    },
    "updatedOn": {
      "type": "string",
      "format": "date-time",
      "description": "The date when the vulnerability was last updated."
    },
    "publicExploit": {
      "type": "boolean",
      "description": "Whether a public exploit exists."
    },
    "exploitVerified": {
      "type": "boolean",
      "description": "Whether the exploit has been verified to work."
    },
    "exploitInKit": {
      "type": "boolean",
      "description": "Whether the exploit is part of an exploit kit."
    },
    "exploitTypes": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "The types of exploit effects.",
      "examples": [
        [
          "Local privilege escalation",
          "Denial of service",
          "Local"
        ]
      ]
    },
    "exploitUris": {
      "type": "array",
      "items": {
        "type": "string",
        "format": "uri"
      },
      "description": "Exploit source URLs."
    },
    "cveSupportability": {
      "type": "string",
      "description": "The CVE supportability status.",
      "enum": [
        "Supported",
        "NotSupported",
        "SupportedInPremium"
      ]
    },
    "epss": {
      "type": [
        "number",
        "null"
      ],
      "description": "The Exploit Prediction Scoring System (EPSS) probability that the vulnerability will be exploited, expressed as a value between 0 and 1.",
      "minimum": 0,
      "maximum": 1
    },
    "status": {
      "type": [
        "string",
        "null"
      ],
      "description": "The remediation status of the vulnerability.",
      "enum": [
        "RemediationRequired",
        "NoActionRequired",
        "UnderException",
        "PartialException",
        null
      ]
    }
  }
}