Exploit

An exploit is the concrete code or technique that turns a vulnerability into an actual compromise — the weaponization step. The risk equation is threat actor + vulnerability + exploit = active attack; remove any one and there’s no incident. Public exploit availability (proof-of-concept code, Metasploit modules) sharply raises urgency, feeding CVSS Temporal/Environmental scores and threat-intel feeds like CISA KEV that flag what’s being exploited in the wild.