Stakeholder-Specific Vulnerability Categorization
- Stakeholder-Specific Vulnerability Categorization (SSVC) is a framework that uses decision-tree logic to assign triage tiers rather than universal severity scores.
- It incorporates stakeholder context, such as asset importance and risk tolerance, to guide practical actions like Defer, Track, Attend, or Act.
- Empirical studies reveal that SSVC’s decision-based approach provides actionable insights that differ significantly from traditional severity and exploitability metrics.
Stakeholder-Specific Vulnerability Categorization (SSVC) is a decision-oriented prioritization framework for vulnerability response. In the comparative framing used in recent empirical work, SSVC is not a conventional numeric severity score like CVSS or a probabilistic exploit predictor like EPSS; it is a stakeholder-driven, decision-tree-based method that classifies a vulnerability into an action-relevant triage tier based on stakeholder context and decision criteria. Its function is therefore not simply to express how severe a vulnerability is, but to support the operational question of what to do next in vulnerability triage and prioritization (Koscinski et al., 19 Aug 2025).
1. Definition and conceptual basis
SSVC is treated in the literature as part of the class of tools used for vulnerability triage and prioritization. The comparative study of vulnerability scoring systems cites “Stakeholder-Specific Vulnerability Categorization (Version 2.0)” and the CISA SSVC guide, and frames SSVC as a method meant to help organizations decide what to do next about a vulnerability rather than simply how severe it is. This distinguishes it from frameworks that prioritize universal severity characterization or exploit-likelihood estimation (Koscinski et al., 19 Aug 2025).
The operational logic associated with SSVC is decision-tree based. The bibliography of the empirical comparison explicitly connects the method to decision-tree modeling and to the CISA SSVC guide, implying a structured set of branching questions that map a vulnerability to a triage outcome. In that framing, SSVC is a tiered categorization scheme rather than a continuous score. This suggests that its primary output is a policy-relevant action category, not a scalar intended for cross-context ranking.
A central property of SSVC is embedded in the term “stakeholder-specific.” The same vulnerability may be assigned different response categories depending on an organization’s assets, exposure, and risk tolerance. The framework therefore encodes context and response logic that generic severity metrics may miss, but that same contextual dependence reduces the extent to which SSVC outputs are universally comparable across organizations (Koscinski et al., 19 Aug 2025).
2. Decision structure and triage outcomes
In the standard framing summarized by the empirical comparison, SSVC typically produces response tiers such as Defer, Track, Attend, and Act. These are used as ranked action priorities rather than numeric scores. The supplied interpretation is: Defer denotes low urgency and no immediate action; Track denotes monitoring and continued observation; Attend denotes planned remediation; and Act denotes an immediate response requirement (Koscinski et al., 19 Aug 2025).
The decision criteria behind these tiers are stakeholder-dependent and usually incorporate whether the vulnerability is exploitable in practice, whether exploitation is active or likely, the impact on the stakeholder’s mission or environment, whether compensating controls exist, and whether exposure is relevant to the stakeholder’s specific assets. This structure explains why SSVC is better understood as a response framework than as a universal severity taxonomy.
One experimental study that evaluates LLMs for vulnerability triage and prioritization operationalizes SSVC through four SSVC decision points (SDPs): Exploitation, Automatable, Technical Impact, and Mission and Wellbeing. In that study, the final SSVC output is one of four stakeholder decision outcomes (SDOs): Track, Track*, Attend, and Act. The official SSVC decision tree is treated as deterministic: the model predicts the four decision points, those values are parsed through the SSVC decision tree, and the resulting action is compared with ground truth (Haddad et al., 21 Oct 2025).
| Decision point | Values used in one evaluation | Brief interpretation |
|---|---|---|
| Exploitation | None, Public PoC, Active | Evidence of exploitation status |
| Automatable | No, Yes | Whether exploitation can be automated |
| Technical Impact | Partial, Total | System-level damage caused by exploitation |
| Mission and Wellbeing | Low, Medium, High | Context-specific organizational and human impact |
The same study emphasizes that Mission and Wellbeing is inherently stakeholder-specific. Because its dataset did not directly provide those labels, it simulated them using three “Mission and Wellbeing Stand-ins (MWSs)”: High for an electric power generation company, Medium for a supermarket chain, and Low for a small town leisure centre. This is a concrete illustration of how SSVC’s final recommendation depends on the stakeholder context in which the decision is made (Haddad et al., 21 Oct 2025).
3. Position among vulnerability scoring systems
A large-scale empirical comparison analyzes four publicly available vulnerability scoring systems—CVSS, SSVC, EPSS, and the Microsoft Exploitability Index—using a dataset of 600 real-world vulnerabilities derived from four months of Microsoft’s Patch Tuesday disclosures. Within that comparison, SSVC is assigned a distinct role: stakeholder-driven triage and response categorization rather than broad severity characterization, exploit prediction, or exploitability-focused categorization (Koscinski et al., 19 Aug 2025).
| System | Framing in the comparison |
|---|---|
| CVSS | Broad severity characterization |
| EPSS | Exploit prediction / likelihood-of-exploitation ranking |
| Exploitability Index | Exploitability-focused categorization |
| SSVC | Stakeholder-driven triage and response categorization |
The paper’s main empirical message is that these systems often disagree substantially, including on the highest-priority vulnerabilities. SSVC therefore should not be treated as a direct substitute for CVSS or EPSS. The paper’s explicit conclusions are that SSVC is better viewed as an operational prioritization tool for stakeholder-specific response, and that vulnerability management teams need to be explicit about what each metric is optimizing for (Koscinski et al., 19 Aug 2025).
The study reports that it compared overlap among top-ranked vulnerabilities across systems, examined correlation agreement among CVSS, Exploitability Index, EPSS, and SSVC, and included appendix figures for Pearson correlation, Spearman correlation, Kendall’s tau, and overlap between top- ranked CVEs. The important reported result is that agreement is limited. In practical terms, the vulnerabilities SSVC classifies as urgent may differ substantially from those identified by severity-based or exploit-prediction systems.
4. Empirical evaluation of SSVC-assisted triage with LLMs
SSVC has also been used as the target decision framework in work on LLM-assisted vulnerability triage. A study evaluating four models—ChatGPT 4o-mini, Claude 3 Haiku, Gemini Flash 1.5, and DeepSeek R1—tests twelve prompting techniques on 384 real-world vulnerabilities sampled from the VulZoo dataset, with SSVC-aligned labels from Vulnrichment used as ground truth for the decision points and final decision outcomes. The paper reports 165,888 total queries in its experimental design description, with three trials per prompt configuration and three Mission and Wellbeing stand-ins (Haddad et al., 21 Oct 2025).
The evaluation is deliberately two-stage. First, the LLM predicts the four SSVC decision points. Second, those predicted values are passed through the SSVC decision tree to derive the final action recommendation. This mirrors analyst reasoning more closely than direct action-label prediction and makes errors more traceable, because a wrong final outcome can be inspected at the level of the mispredicted decision point.
Quantitatively, the strongest decision point is Exploitation, followed by Automatable and Technical Impact, while Mission and Wellbeing is the hardest. The best reported F1 scores are 0.7898 for Exploitation, about 0.6635 for Automatable, about 0.6495 for Technical Impact, and 0.4317 for Mission and Wellbeing. Gemini is reported as the strongest overall model, and exemplar-based prompting styles such as CoT, FSWE, FS, and OS generally perform best. At the final SDO level, agreement remains limited: unweighted Cohen’s kappa is reported as low, about 0.06 to 0.10, and only DeepSeek R1 achieves fair agreement under weighted metrics (Haddad et al., 21 Oct 2025).
The study’s principal conclusion is that current LLMs do not replace expert judgment. They may support vulnerability prioritization workflows as decision support, first-pass triage, or analyst aides, but final SSVC decisions remain too error-prone for full automation. A recurring error pattern is over-predicting risk, with false positives exceeding false negatives and a tendency to recommend more severe outcomes such as Act and Attend rather than Track or Track* (Haddad et al., 21 Oct 2025).
5. SSVC-like extensions in stakeholder-aware security research
Several papers adopt a stakeholder-centric logic that is explicitly described as close to SSVC or interpretable through an SSVC lens, even when the formal SSVC decision tree is not used. In prompt-injection benchmarking for real-world web agents, StakeBench is described as making the same central move that SSVC advocates: vulnerabilities should not be classified only by attack surface or exploit mechanics, but by who is harmed and how. The benchmark distinguishes three stakeholders—User, Seller, and Platform—defines 12 concrete objectives, and evaluates each case with ASR, TDR, and BIR, producing four failure regimes: Robust Behavior, Stealthy Parasitism, Misaligned Disruption, and Compounded Failure (Wang et al., 11 Jun 2026).
This benchmark is not presented as formal SSVC, but as a practical categorization framework for vulnerability by affected stakeholder and harm type in a web-agent setting. Its empirical results show heterogeneous vulnerabilities under indirect prompt injection, including average ASR values of 54.91% for NanoBrowser and 56.09% for BrowserUse, with no objective occupying a robust-behavior region in the objective-level analysis. A plausible implication is that stakeholder-aware categorization can expose harms that single attack-success metrics systematically obscure (Wang et al., 11 Jun 2026).
A separate LLM security paper proposes a stakeholder-oriented risk assessment process grounded in the OWASP Risk Rating Methodology. It identifies three stakeholder groups—LLM fine-tuning developers / organizations, LLM API integration developers, and End users—and uses a three-step workflow of scenario analysis, dependency mapping, and impact analysis to derive a threat matrix. The scoring rule is the standard OWASP formula
with factors scored on a 0 to 9 scale. The paper explicitly states that this is not SSVC in the formal sense because it does not use SSVC decision points or a structured decision tree, but it is characterized as an SSVC-like approximation that is stakeholder-aware, structured, and action-guiding (Pankajakshan et al., 2024).
In model evaluation for vulnerability detection, SecLens-R is framed as conceptually close to SSVC-style thinking because it rejects one-size-fits-all evaluation and instead computes role-specific composite Decision Scores. It defines 35 shared dimensions grouped into 7 measurement categories, with 5 role-specific weighting profiles—CISO, Chief AI Officer, Security Researcher, Head of Engineering, and AI-as-Actor—and shows that the same model can differ by as much as 31 points across stakeholder perspectives. The paper is explicit that SecLens-R is not SSVC itself: SSVC prioritizes vulnerabilities and remediation decisions, whereas SecLens-R prioritizes models used to detect vulnerabilities (Halder et al., 2 Apr 2026).
6. Limitations, interpretation, and practical significance
The empirical comparison of scoring systems identifies several SSVC-specific limitations. First is context dependence: because SSVC is stakeholder-specific, its outputs are not globally comparable in the way a universal severity score is intended to be. Second is decision-tree sensitivity: small differences in inputs or stakeholder assumptions can lead to different tiers. Third is cross-system inconsistency: SSVC may disagree with exploit-prediction or severity-based systems, which complicates enterprise prioritization when multiple tools are used. Fourth is a broader need for transparency, especially because SSVC’s branching logic is less compact than a single numeric score (Koscinski et al., 19 Aug 2025).
These limitations are closely tied to SSVC’s strengths. The framework is valuable when an organization wants a policy- and mission-aligned triage framework, because it maps vulnerability information to response categories more directly tied to stakeholder actionability than to universal exploitability. At the same time, that actionability is obtained by incorporating assumptions about exposure, mission, controls, and risk tolerance that may vary sharply across environments.
A common misconception is to treat SSVC as another scalar risk score. The comparative evidence argues against that interpretation. SSVC is better understood as an operational decision framework whose outputs encode stakeholder-specific response logic. The broader implication drawn in the empirical work is that organizations should avoid relying on a single score. SSVC can be useful precisely because it captures context that severity metrics miss, but it is most effective when integrated with other evidence rather than treated as standalone ground truth (Koscinski et al., 19 Aug 2025).