10.0 is mentioned in the blog post - I don't follow CVE nomenclature closely but that's the score, right? And it's as bad as it can get?<p>I assume the CVE website would normally have this info but it's only showing the number as reserved right now.