EPSS Score Checker
Check the exploitation probability for any CVE. EPSS estimates the likelihood a vulnerability will be exploited in the wild within the next 30 days.
Enter up to 20 CVE IDs separated by commas, spaces, or newlines.
What is EPSS?
EPSS (Exploit Prediction Scoring System) is a model developed by FIRST that estimates the probability a vulnerability will be exploited in the wild within 30 days. Unlike CVSS which measures severity, EPSS measures likelihood. Scores are updated daily.
EPSS vs CVSS
CVSS tells you how bad a vulnerability could be (impact). EPSS tells you how likely it is to be exploited (probability). A CVSS 6.5 with EPSS 0.85 is a bigger real-world risk than a CVSS 9.8 with EPSS 0.01. Learn more.