EPSS Data

The current fields in the available data are:

• cve : The CVE identifier as specified by MITRE’s CVE List
• epss : the EPSS score representing the probability [0-1] of exploitation in the wild in the next 30 days (following score publication)
• percentile : the percentile of the current score, the proportion of all scored vulnerabilities with the same or a lower EPSS score

The comma-separated values (CSV) contain the CVE Identifier and the EPSS score as of the date the data was generated.

EPSS Report for Saturday, Jun 10, 2023

• 204,652 total CVEs scored
• 42 CVEs are newly scored

• Exploit Prediction Scoring System (EPSS)
  • Frequently Asked Questions
  • The EPSS Model
  • Related Papers
  • Data and Statistics
  • API
  • User Guide and Exploit Data
  • Contributing Articles
    • Understanding EPSS Probabilities and Percentiles
    • Log4Shell Use Case
    • Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities
  • Data Partners