This is why I'm glad to see some tools are starting to adopt the Exploit Prediction Scoring System (EPSS). It seems to do a little better job of helping defenders see how "bad" a vulnerability really is and prioritize more accurately.