KennaSecurity has a feature to "predict the exploitability" of a vulnerability based on a few attributes, and is used widely in KennaVM and KennaVI. It is called EPSS.
EPSS is the first open, data-driven framework for assessing vulnerability threat: that is, the probability that a vulnerability will be exploited in the wild within the first twelve months after public disclosure.
This scoring system has been designed to be simple enough to be implemented without specialized tools or software.
Link: