Tag
The article proposes a new severity model for vulnerability reporting based on collision counts and the presence of working exploits, arguing that the current disclosure model is broken and that patches should be prioritized when multiple researchers find the same bug or exploits are public.