EPSS Data

The current fields in the available data are:

• cve : The CVE identifier as specified by MITRE’s CVE List
• epss : the EPSS score representing the probability [0-1] of exploitation in the wild in the next 30 days (following score publication)
• percentile : the percentile of the current score, the proportion of all scored vulnerabilities with the same or a lower EPSS score

The comma-separated values (CSV) contain the CVE Identifier and the EPSS score as of the date the data was generated.

If you would like historical data for EPSS, you can directly access daily files by entering the target date into the URL in this format: https://epss.cyentia.com/epss_scores-YYYY-mm-dd.csv.gz, where YYYY is the four digit year, mm is the two digit month and dd is a two digit day. For example, if you want to pull February 1st, 2023, you would retrieve https://epss.cyentia.com/epss_scores-2023-02-01.csv.gz.

If you do historical analysis, keep in mind the following dates:

• No scores are available before 2021-04-14
• EPSS v2 (v2022.01.01) started publishing on 2022-02-04, you will see a major shift in most scores on that day, and the files now include a comment at the start with # stating the model version and publish date.
• EPSS v3 (v2023.03.01) started publishing on 2023-03-07, you will see a major shift in most scores on that day.

EPSS Report for Monday, Dec 4, 2023

• 218,410 total CVEs scored
• 139 CVEs are newly scored

• Exploit Prediction Scoring System (EPSS)
  • The EPSS Model
  • Data and Statistics
  • User Guide
  • EPSS Research and Presentations
  • Frequently Asked Questions
  • Who is using EPSS?
  • Open-source EPSS Tools
  • API
  • Related Exploit Research
  • Blog
    • Understanding EPSS Probabilities and Percentiles
    • Log4Shell Use Case
    • Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities
  • Data Partners