Please note, the format for the EPSS has changed as of September 1st, 2021. The current fields in the available data are:
cve: The CVE identifier as specified by Mitre’s CVE List
epss: the EPSS score representing the probability [0-1] of exploitation in the wild in the first 12 months of publication
percentile: the percentile of the current score, the proportion of all scored vulnerabilities with the same or a lower EPSS score
The comma-separated values (CSV) contain the CVE Identifier and the EPSS score as of the date the data was generated.