@drizzy @bagder I enjoy UI:N for a command-line tool where the bug (not vulnerability) is a specific flag you have to use.
This seems maliciously done by whomever reported it as a security issue in the first place IMO. NVD is a bit of a silly middleman pushing papers but I have no idea how TF they came up with that scoring.