Looking to see if there is a query that we can setup that will let us filter for vulnerabilities that are actively tested and determined to have been exploitable vs vulnerabilities that are tied to values in a config/file and have not been tested over the course of a Rapid7 scan.