Exploit Prediction – EPSS

Introduction

The Exploit Prediction Scoring System (EPSS) is a data-driven predictive model that estimates the probability of a vulnerability being actively exploited in the wild. Unlike traditional severity scoring (e.g., CVSS), which measures only potential impact, EPSS focuses on real-world exploitability.

By leveraging threat intelligence feeds and machine learning models, it enables security teams to prioritize patching based on what attackers are most likely to exploit, ensuring smarter and more efficient risk management.


Top 10 Exploitable Vulnerabilities – Last 24 Hours

This section highlights the highest-risk vulnerabilities identified in the last 24 hours.

Each card includes:

  • CVE ID – Unique identifier (e.g., CVE-2023-42793).

  • Vendor/Product – The affected software (e.g., TeamCity, Jenkins, Joomla, Confluence, FortiProxy).

  • Score – Severity score (e.g., 9.8 Critical, 7.3 High).

  • Prediction Percentage – Likelihood of exploitation (e.g., +94.58 Prediction).

This real-time snapshot helps analysts immediately see which vulnerabilities need urgent attention.


Top 100 Vulnerabilities with Highest Delta

Below the Top 10, the dashboard provides a ranked table of the 100 vulnerabilities that show the largest delta (change) in exploitability likelihood.

Each row provides:

  • CVE ID – Vulnerability reference (clickable for more details).

  • Vendors – The vendor responsible (or N/A if unspecified).

  • Score – The severity rating based on CVSS.

  • Published Date – When the CVE was first disclosed.

  • EPSS Scoring Date – When the prediction score was last calculated.

  • EPSS – The current probability of exploitation (e.g., 99.98%).

This feature is extremely powerful for tracking trending vulnerabilities: those that suddenly become more attractive to attackers, even if they are not newly published.
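
A delta ranking of this kind can be reproduced from two EPSS score snapshots. The sketch below is an added example, not AttackMetricx code: the cve,epss column layout, the placeholder CVE IDs, the sample scores, and the choice to rank by signed increase (treating a newly scored CVE as starting at 0) are all assumptions.

```python
import csv
import io

# Constructed sample snapshots (not real EPSS data); the cve,epss column
# layout and the placeholder CVE IDs are assumptions for this example.
PREVIOUS = """cve,epss
CVE-0000-0001,0.0400
CVE-0000-0002,0.9100
CVE-0000-0003,0.2000
CVE-0000-0004,0.5000
"""
CURRENT = """cve,epss
CVE-0000-0001,0.6200
CVE-0000-0002,0.9300
CVE-0000-0003,0.1500
CVE-0000-0005,0.3000
"""


def load_scores(text):
    """Parse a snapshot into {cve: probability}, rejecting malformed rows."""
    scores = {}
    for row in csv.DictReader(io.StringIO(text)):
        value = float(row["epss"])
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"EPSS out of range for {row['cve']}: {value}")
        scores[row["cve"]] = value
    return scores


def top_deltas(previous, current, limit=100):
    """Rank CVEs by increase in EPSS between two snapshots.
    A CVE absent from the previous snapshot is treated as starting at 0.0
    (an assumption); CVEs missing from the current snapshot are skipped.
    """
    rows = []
    for cve, now in current.items():
        before = previous.get(cve, 0.0)
        rows.append((cve, round(now - before, 4), now))
    # Largest increase first; ties broken by higher current score, then ID.
    rows.sort(key=lambda r: (-r[1], -r[2], r[0]))
    return rows[:limit]


if __name__ == "__main__":
    for cve, delta, now in top_deltas(load_scores(PREVIOUS), load_scores(CURRENT)):
        print(f"{cve}  delta={delta:+.2%}  epss={now:.2%}")
```

Note that the CVE with the highest current score in the sample ranks third by delta, which is why a delta view surfaces different items than a plain top-N by EPSS.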


Why This Matters

  • For SOC & Blue Teams – EPSS provides actionable prioritization, letting teams patch the most dangerous vulnerabilities first.

  • For Executives – It connects technical risk (CVE IDs) to business risk (likelihood of breach).

  • For Threat Hunters – It identifies vulnerabilities already being weaponized, improving detection and response readiness.

AttackMetricx doesn’t just show static vulnerability lists; it predicts tomorrow’s attacks today, giving organizations a critical time advantage.
