let timeframe = 30d; //Customizable h = hours, d = days
let ExploitableVulnerabilities = materialize
(DeviceTvmSoftwareVulnerabilitiesKB
| where IsExploitAvailable == 1
| where PublishedDate > (now() - timeframe)
| project CveId);
DeviceTvmSoftwareVulnerabilities
| join ExploitableVulnerabilities on CveId
| summarize count(), ExploitableCVE = make_set(CveId) by DeviceName
| top 10 by count_