diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
index 175d4a263..470a23bb2 100644
--- a/.github/workflows/build-and-test.yml
+++ b/.github/workflows/build-and-test.yml
@@ -48,11 +48,24 @@ jobs:
     runs-on: ubuntu-latest
     container: ${{ vars.IMAGE_REGISTRY }}/greenbone/gvmd-build:stable
     steps:
+      - name: Install git for Codecov uploader
+        run: |
+          apt update
+          apt install --no-install-recommends -y ca-certificates git
+          rm -rf /var/lib/apt/lists/*
       - name: Check out gvmd
         uses: actions/checkout@v4
+      - name: Set git safe.directory
+        run: git config --global --add safe.directory '*'
       - name: Build gvmd
         run: |
           cmake -B build -DCMAKE_BUILD_TYPE=Debug -DENABLE_COVERAGE=1
           cmake --build build
       - name: Configure and run tests
         run: CTEST_OUTPUT_ON_FAILURE=1 cmake --build build -- tests test
+      - name: Upload test coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          file: build/coverage/coverage.xml
+          token: ${{ secrets.CODECOV_TOKEN }}
+          flags: unittests
diff --git a/.github/workflows/build-container.yml b/.github/workflows/build-container.yml
index b927fd34d..3133f6ced 100644
--- a/.github/workflows/build-container.yml
+++ b/.github/workflows/build-container.yml
@@ -52,7 +52,7 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: true
diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml
index 6557c2ab6..d4a8bb68d 100644
--- a/.github/workflows/build-docs.yml
+++ b/.github/workflows/build-docs.yml
@@ -12,6 +12,8 @@ jobs:
     steps:
       - name: Run the c lang coverage action
         uses: greenbone/actions/doc-coverage-clang@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
 
   build-gmp-doc:
     name: Build GMP documentation
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 88aa3ef3e..e59303eff 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -75,7 +75,7 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Build and push Container image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' && (github.ref_type == 'tag' || github.ref_name == 'main') }}
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4831fd2ca..cf44b15e4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -236,9 +236,17 @@ if (NOT GVM_DEFAULT_DROP_USER)
 endif (NOT GVM_DEFAULT_DROP_USER)
 
 
+# Feature toggles
 if (NOT OPENVASD)
   set (OPENVASD 0)
 endif (NOT OPENVASD)
+add_definitions (-DOPENVASD=${OPENVASD})
+
+if (NOT CVSS3_RATINGS)
+  set (CVSS3_RATINGS 0)
+endif (NOT CVSS3_RATINGS)
+add_definitions (-DCVSS3_RATINGS=${CVSS3_RATINGS})
+
 
 message ("-- Install prefix: ${CMAKE_INSTALL_PREFIX}")
 
@@ -259,16 +267,22 @@ configure_file (tools/greenbone-scapdata-sync.in tools/greenbone-scapdata-sync @
 configure_file (tools/greenbone-certdata-sync.in tools/greenbone-certdata-sync @ONLY)
 configure_file (tools/gvm-manage-certs.in tools/gvm-manage-certs @ONLY)
 
+## Code coverage
+
+OPTION (ENABLE_COVERAGE "Enable support for coverage analysis" OFF)
+if (ENABLE_COVERAGE)
+  set (COVERAGE_FLAGS "--coverage -ftest-coverage -fprofile-arcs")
+  set (COVERAGE_DIR "${CMAKE_BINARY_DIR}/coverage")
+  file (MAKE_DIRECTORY ${COVERAGE_DIR})
+  message ("-- Code Coverage enabled")
+endif (ENABLE_COVERAGE)
+
 ## Testing
 
 enable_testing ()
 
 ## Program
 
-if (ENABLE_COVERAGE)
-  set (COVERAGE_FLAGS "--coverage")
-endif (ENABLE_COVERAGE)
-
 if (DEBUG_FUNCTION_NAMES)
   # The excluded functions are for update_nvti_cache, which fills the log
   # quickly.  Hopefully this internal NVTi cache is removed soon.
@@ -280,7 +294,7 @@ set (HARDENING_FLAGS            "-Wformat -Wformat-security -D_FORTIFY_SOURCE=2
 set (LINKER_HARDENING_FLAGS     "-Wl,-z,relro -Wl,-z,now")
 
 # To find unused functions, add: -flto -fwhole-program -ffunction-sections -Wl,--gc-sections -Wl,--print-gc-sections
-set (CMAKE_C_FLAGS              "${CMAKE_C_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE -D_FILE_OFFSET_BITS=64 -DOPENVASD=${OPENVASD}")
+set (CMAKE_C_FLAGS              "${CMAKE_C_FLAGS} -Wall -D_BSD_SOURCE -D_ISOC99_SOURCE -D_SVID_SOURCE -D_DEFAULT_SOURCE -D_FILE_OFFSET_BITS=64 ${COVERAGE_FLAGS}")
 
 set (CMAKE_C_FLAGS_DEBUG        "${CMAKE_C_FLAGS_DEBUG} -Werror -Wshadow ${COVERAGE_FLAGS} ${DEBUG_FUNCTION_NAMES_FLAGS}")
 set (CMAKE_C_FLAGS_RELEASE      "${CMAKE_C_FLAGS_RELEASE} ${HARDENING_FLAGS} ${COVERAGE_FLAGS}")
diff --git a/README.md b/README.md
index 2b48ad1c1..b64e6f90b 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,6 @@
 # Greenbone Vulnerability Manager
 
 [![GitHub releases](https://img.shields.io/github/release/greenbone/gvmd.svg)](https://github.com/greenbone/gvmd/releases)
-[![Code Documentation Coverage](https://img.shields.io/codecov/c/github/greenbone/gvmd.svg?label=Documentation%20Coverage&logo=codecov)](https://codecov.io/gh/greenbone/gvmd)
 [![Build and Test](https://github.com/greenbone/gvmd/actions/workflows/build-and-test.yml/badge.svg)](https://github.com/greenbone/gvmd/actions/workflows/build-and-test.yml)
 [![Docker Pulls](https://img.shields.io/docker/pulls/greenbone/gvmd.svg)](https://hub.docker.com/r/greenbone/gvmd/)
 [![Docker Image Size](https://img.shields.io/docker/image-size/greenbone/gvmd.svg?maxAge=2592000)](https://hub.docker.com/r/greenbone/gvmd/)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index c075bdbdb..2f27baf66 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -262,6 +262,21 @@ add_custom_target (tests
                    DEPENDS
                    gmp-tickets-test manage-test manage-sql-test manage-utils-test utils-test)
 
+if (ENABLE_COVERAGE)
+  add_custom_target (coverage-html
+                     COMMAND gcovr --html-details ${COVERAGE_DIR}/coverage.html
+                     -r ${CMAKE_SOURCE_DIR} ${CMAKE_BINARY_DIR})
+  add_custom_target (coverage-xml
+                     COMMAND gcovr --xml ${COVERAGE_DIR}/coverage.xml
+                     -r ${CMAKE_SOURCE_DIR} ${CMAKE_BINARY_DIR})
+  add_custom_target (coverage DEPENDS coverage-xml coverage-html)
+endif (ENABLE_COVERAGE)
+
+add_custom_target (clean-coverage
+                   COMMAND find . -name *.gcda -delete -or -name *.gcno -delete
+                   COMMAND rm -f ${COVERAGE_DIR}/*)
+
+
 add_executable (gvmd
                 main.c gvmd.c
                 debug_utils.c
diff --git a/src/gmp.c b/src/gmp.c
index 0e8fda239..f98cc69f6 100644
--- a/src/gmp.c
+++ b/src/gmp.c
@@ -4360,6 +4360,7 @@ typedef enum
   CLIENT_GET_ASSETS,
   CLIENT_GET_CONFIGS,
   CLIENT_GET_CREDENTIALS,
+  CLIENT_GET_FEATURES,
   CLIENT_GET_FEEDS,
   CLIENT_GET_FILTERS,
   CLIENT_GET_GROUPS,
@@ -5295,6 +5296,10 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
                               &get_credentials_data->format);
             set_client_state (CLIENT_GET_CREDENTIALS);
           }
+        else if (strcasecmp ("GET_FEATURES", element_name) == 0)
+          {
+            set_client_state (CLIENT_GET_FEATURES);
+          }
         else if (strcasecmp ("GET_FEEDS", element_name) == 0)
           {
             append_attribute (attribute_names, attribute_values, "type",
@@ -9103,6 +9108,42 @@ results_xml_append_cert (GString *buffer, iterator_t *results, const char *oid,
     }
 }
 
+/**
+ * @brief Append an EPSS info element to a results XML buffer.
+ *
+ * @param[in]  results  Results iterator.
+ * @param[in]  buffer   XML buffer to add to.
+ */
+static void
+results_xml_append_epss (iterator_t *results, GString *buffer)
+{
+  buffer_xml_append_printf (buffer,
+                            "<epss>"
+                            "<max_severity>"
+                            "<score>%0.5f</score>"
+                            "<percentile>%0.5f</percentile>"
+                            "<cve id=\"%s\">"
+                            "<severity>%0.1f</severity>"
+                            "</cve>"
+                            "</max_severity>"
+                            "<max_epss>"
+                            "<score>%0.5f</score>"
+                            "<percentile>%0.5f</percentile>"
+                            "<cve id=\"%s\">"
+                            "<severity>%0.1f</severity>"
+                            "</cve>"
+                            "</max_epss>"
+                            "</epss>",
+                            result_iterator_epss_score (results),
+                            result_iterator_epss_percentile (results),
+                            result_iterator_epss_cve (results),
+                            result_iterator_epss_severity (results),
+                            result_iterator_max_epss_score (results),
+                            result_iterator_max_epss_percentile (results),
+                            result_iterator_max_epss_cve (results),
+                            result_iterator_max_epss_severity (results));
+}
+
 /**
  * @brief Append an NVT element to an XML buffer.
  *
@@ -9133,14 +9174,19 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded)
                                     "<severities score=\"%s\">"
                                     "</severities>"
                                     "<cpe id='%s'/>"
-                                    "<cve>%s</cve>"
-                                    "</nvt>",
+                                    "<cve>%s</cve>",
                                     oid,
                                     oid,
                                     severity ? severity : "",
                                     severity ? severity : "",
                                     result_iterator_port (results),
                                     oid);
+
+          if (result_iterator_epss_cve (results))
+            results_xml_append_epss (results, buffer);
+
+          buffer_xml_append_printf (buffer, "</nvt>");
+
           g_free (severity);
           return;
         }
@@ -9280,6 +9326,9 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded)
               buffer_xml_append_printf (buffer, "/>");
           }
 
+        if (result_iterator_epss_cve (results))
+          results_xml_append_epss (results, buffer);
+
         first = 1;
         xml_append_nvt_refs (buffer, result_iterator_nvt_oid (results),
                              &first);
@@ -11670,7 +11719,6 @@ handle_get_assets (gmp_parser_t *gmp_parser, GError **error)
       gchar *routes_xml;
 
       asset = get_iterator_resource (&assets);
-      /* Assets are currently always writable. */
       if (send_get_common ("asset", &get_assets_data->get, &assets,
                            gmp_parser->client_writer,
                            gmp_parser->client_writer_data,
@@ -12879,6 +12927,32 @@ get_feed (gmp_parser_t *gmp_parser, GError **error, int feed_type)
   SEND_TO_CLIENT_OR_FAIL ("</feed>");
 }
 
+/**
+ * @brief Handle end of GET_FEATURES element.
+ *
+ * @param[in]  gmp_parser   GMP parser.
+ * @param[in]  error        Error parameter.
+ */
+static void
+handle_get_features (gmp_parser_t *gmp_parser, GError **error)
+{
+  SEND_TO_CLIENT_OR_FAIL ("<get_features_response"
+                          " status=\"" STATUS_OK "\""
+                          " status_text=\"" STATUS_OK_TEXT "\">");
+
+  SENDF_TO_CLIENT_OR_FAIL ("<feature enabled=\"%d\">"
+                           "<name>CVSS3_RATINGS</name>"
+                           "</feature>",
+                           CVSS3_RATINGS ? 1 : 0);
+
+  SENDF_TO_CLIENT_OR_FAIL ("<feature enabled=\"%d\">"
+                           "<name>OPENVASD</name>"
+                           "</feature>",
+                           OPENVASD ? 1 : 0);
+
+  SEND_TO_CLIENT_OR_FAIL ("</get_features_response>");
+}
+
 /**
  * @brief Handle end of GET_FEEDS element.
  *
@@ -19960,6 +20034,10 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
         handle_get_credentials (gmp_parser, error);
         break;
 
+      case CLIENT_GET_FEATURES:
+        handle_get_features (gmp_parser, error);
+        break;
+
       case CLIENT_GET_FEEDS:
         handle_get_feeds (gmp_parser, error);
         break;
diff --git a/src/gvmd.c b/src/gvmd.c
index d2492c407..4ffdab4e8 100644
--- a/src/gvmd.c
+++ b/src/gvmd.c
@@ -2302,6 +2302,9 @@ gvmd (int argc, char** argv, char *env[])
         }
 #if OPENVASD == 1
       printf ("OpenVASD is enabled\n");
+#endif
+#if CVSS3_RATINGS == 1
+      printf ("CVSS3 severity ratings enabled\n");
 #endif
       printf ("Copyright (C) 2009-2021 Greenbone AG\n");
       printf ("License: AGPL-3.0-or-later\n");
diff --git a/src/manage.h b/src/manage.h
index ce3a5ea6d..9e7bbbce9 100644
--- a/src/manage.h
+++ b/src/manage.h
@@ -1522,6 +1522,30 @@ result_iterator_may_have_overrides (iterator_t*);
 int
 result_iterator_may_have_tickets (iterator_t*);
 
+double
+result_iterator_epss_score (iterator_t*);
+
+double
+result_iterator_epss_percentile (iterator_t*);
+
+const char*
+result_iterator_epss_cve (iterator_t*);
+
+double
+result_iterator_epss_severity (iterator_t*);
+
+double
+result_iterator_max_epss_score (iterator_t*);
+
+double
+result_iterator_max_epss_percentile (iterator_t*);
+
+const char*
+result_iterator_max_epss_cve (iterator_t*);
+
+double
+result_iterator_max_epss_severity (iterator_t*);
+
 gchar **
 result_iterator_cert_bunds (iterator_t*);
 
diff --git a/src/manage_pg.c b/src/manage_pg.c
index 19d3463f7..8c691994e 100644
--- a/src/manage_pg.c
+++ b/src/manage_pg.c
@@ -1806,6 +1806,59 @@ create_view_vulns ()
          " WHERE uuid in (SELECT * FROM used_nvts)");
 }
 
+/**
+ * @brief Create or replace the result_vt_epss view.
+ */
+void
+create_view_result_vt_epss ()
+{
+  sql ("DROP MATERIALIZED VIEW IF EXISTS result_vt_epss;");
+
+  if (sql_int ("SELECT EXISTS (SELECT * FROM information_schema.tables"
+               "               WHERE table_catalog = '%s'"
+               "               AND table_schema = 'scap'"
+               "               AND table_name = 'cves')"
+               " ::integer;",
+               sql_database ()))
+    sql ("CREATE MATERIALIZED VIEW result_vt_epss AS ("
+         "  SELECT cve AS vt_id,"
+         "    epss AS epss_score,"
+         "    percentile AS epss_percentile,"
+         "    cve AS epss_cve,"
+         "    cves.severity AS epss_severity,"
+         "    epss AS max_epss_score,"
+         "    percentile AS max_epss_percentile,"
+         "    cve AS max_epss_cve,"
+         "    cves.severity AS max_epss_severity"
+         "  FROM scap.epss_scores"
+         "  JOIN scap.cves ON cve = cves.uuid"
+         "  UNION ALL"
+         "  SELECT oid AS vt_id,"
+         "    epss_score,"
+         "    epss_percentile,"
+         "    epss_cve,"
+         "    epss_severity,"
+         "    max_epss_score,"
+         "    max_epss_percentile,"
+         "    max_epss_cve,"
+         "    max_epss_severity"
+         "  FROM nvts);");
+  else
+    sql ("CREATE MATERIALIZED VIEW result_vt_epss AS ("
+         "  SELECT oid AS vt_id,"
+         "    epss_score,"
+         "    epss_percentile,"
+         "    epss_cve,"
+         "    max_epss_score,"
+         "    max_epss_percentile,"
+         "    max_epss_cve"
+         "  FROM nvts);");
+
+  sql ("SELECT create_index ('result_vt_epss_by_vt_id',"
+       "                     'result_vt_epss', 'vt_id');");
+
+}
+
 
 
 #undef VULNS_RESULTS_WHERE
@@ -2997,6 +3050,8 @@ create_tables ()
 
   create_view_vulns ();
 
+  create_view_result_vt_epss ();
+
   /* Create indexes. */
 
   sql ("SELECT create_index ('config_preferences_by_config',"
diff --git a/src/manage_sql.c b/src/manage_sql.c
index e6a7e72c1..100030655 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -5266,7 +5266,7 @@ append_column (GArray *columns, const gchar *column_name,
  *                                resource.
  *
  * @return 0 success, 1 failed to find resource, 2 failed to find filter,
- *         3 invalid stat_column, 4 invalid group_column, 5 invalid type,
+ *         3 invalid data_column, 4 invalid group_column, 5 invalid type,
  *         6 trashcan not used by type, 7 invalid text column, 8 invalid
  *         subgroup_column, -1 error.
  */
@@ -22198,7 +22198,8 @@ where_qod (int min_qod)
     "description", "task", "report", "cvss_base", "nvt_version",              \
     "severity", "original_severity", "vulnerability", "date", "report_id",    \
     "solution_type", "qod", "qod_type", "task_id", "cve", "hostname",         \
-    "path", "compliant", NULL }
+    "path", "compliant", "epss_score", "epss_percentile", "max_epss_score",   \
+    "max_epss_percentile", NULL }
 
 // TODO Combine with RESULT_ITERATOR_COLUMNS.
 /**
@@ -22497,6 +22498,32 @@ where_qod (int min_qod)
       "         'undefined')",                                                \
       "compliant",                                                            \
       KEYWORD_TYPE_STRING },                                                  \
+    /* ^ 45 = 35 */                                                           \
+    { "coalesce (result_vt_epss.epss_score, 0.0)",                            \
+      "epss_score",                                                           \
+      KEYWORD_TYPE_DOUBLE },                                                  \
+    { "coalesce (result_vt_epss.epss_percentile, 0.0)",                       \
+      "epss_percentile",                                                      \
+      KEYWORD_TYPE_DOUBLE },                                                  \
+    { "result_vt_epss.epss_cve",                                              \
+      "epss_cve",                                                             \
+      KEYWORD_TYPE_STRING },                                                  \
+    { "coalesce (result_vt_epss.epss_severity, 0.0)",                         \
+      "epss_severity",                                                        \
+      KEYWORD_TYPE_DOUBLE },                                                  \
+    { "coalesce (result_vt_epss.max_epss_score, 0.0)",                        \
+      "max_epss_score",                                                       \
+      KEYWORD_TYPE_DOUBLE },                                                  \
+    /* ^ 50 = 40 */                                                           \
+    { "coalesce (result_vt_epss.max_epss_percentile, 0.0)",                   \
+      "max_epss_percentile",                                                  \
+      KEYWORD_TYPE_DOUBLE },                                                  \
+    { "result_vt_epss.max_epss_cve",                                          \
+      "max_epss_cve",                                                         \
+      KEYWORD_TYPE_STRING },                                                  \
+    { "coalesce (result_vt_epss.max_epss_severity, 0.0)",                     \
+      "max_epss_severity",                                                    \
+      KEYWORD_TYPE_DOUBLE },                                                  \
 
 /**
  * @brief Result iterator columns.
@@ -23196,7 +23223,9 @@ init_result_get_iterator (iterator_t* iterator, const get_data_t *get,
                                             "results",
                                             "nvts");
 
-  extra_tables = g_strdup_printf (" LEFT OUTER JOIN nvts"
+  extra_tables = g_strdup_printf (" LEFT OUTER JOIN result_vt_epss"
+                                  " ON results.nvt = result_vt_epss.vt_id"
+                                  " LEFT OUTER JOIN nvts"
                                   " ON results.nvt = nvts.oid %s,"
                                   " LATERAL %s AS lateral_new_severity",
                                   opts_tables,
@@ -23300,7 +23329,9 @@ result_count (const get_data_t *get, report_t report, const char* host)
                                             "results",
                                             "nvts");
   
-  extra_tables = g_strdup_printf (" LEFT OUTER JOIN nvts"
+  extra_tables = g_strdup_printf (" LEFT OUTER JOIN result_vt_epss"
+                                  " ON results.nvt = result_vt_epss.vt_id"
+                                  " LEFT OUTER JOIN nvts"
                                   " ON results.nvt = nvts.oid %s,"
                                   " LATERAL %s AS lateral_new_severity",
                                   opts_tables,
@@ -23765,6 +23796,118 @@ DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 33);
  */
 DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 34);
 
+/**
+ * @brief Get EPSS score of highest severity CVE from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return EPSS score of the highest severity CVE.
+ */
+double
+result_iterator_epss_score (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 36);
+}
+
+/**
+ * @brief Get EPSS percentile of highest severity CVE from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return EPSS percentile of the highest severity CVE.
+ */
+double
+result_iterator_epss_percentile (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 37);
+}
+
+/**
+ * @brief Get highest severity CVE with EPSS score from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Highest severity CVE with EPSS score.
+ */
+const gchar *
+result_iterator_epss_cve (iterator_t* iterator)
+{
+  if (iterator->done) return NULL;
+  return iterator_string (iterator, GET_ITERATOR_COLUMN_COUNT + 38);
+}
+
+/**
+ * @brief Get the highest severity of EPSS CVEs from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Highest severity of referenced CVEs with EPSS.
+ */
+double
+result_iterator_epss_severity (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 39);
+}
+
+/**
+ * @brief Get maximum EPSS score of referenced CVEs from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Maximum EPSS score.
+ */
+double
+result_iterator_max_epss_score (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 40);
+}
+
+/**
+ * @brief Get maximum EPSS percentile of referenced CVEs from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Maximum EPSS percentile.
+ */
+double
+result_iterator_max_epss_percentile (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 41);
+}
+
+/**
+ * @brief Get the CVE with the maximum EPSS score from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return CVE with maximum EPSS score.
+ */
+const gchar *
+result_iterator_max_epss_cve (iterator_t* iterator)
+{
+  if (iterator->done) return NULL;
+  return iterator_string (iterator, GET_ITERATOR_COLUMN_COUNT + 42);
+}
+
+/**
+ * @brief Get severity of CVE with maximum EPSS score from a result iterator.
+ *
+ * @param[in]  iterator  Iterator.
+ *
+ * @return Severity of CVE with maximum EPSS score.
+ */
+double
+result_iterator_max_epss_severity (iterator_t* iterator)
+{
+  if (iterator->done) return 0.0;
+  return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 43);
+}
+
 /**
  * @brief Get CERT-BUNDs from a result iterator.
  *
@@ -23776,7 +23919,7 @@ gchar **
 result_iterator_cert_bunds (iterator_t* iterator)
 {
   if (iterator->done) return 0;
-  return iterator_array (iterator, GET_ITERATOR_COLUMN_COUNT + 36);
+  return iterator_array (iterator, GET_ITERATOR_COLUMN_COUNT + 44);
 }
 
 /**
@@ -23790,7 +23933,7 @@ gchar **
 result_iterator_dfn_certs (iterator_t* iterator)
 {
   if (iterator->done) return 0;
-  return iterator_array (iterator, GET_ITERATOR_COLUMN_COUNT + 37);
+  return iterator_array (iterator, GET_ITERATOR_COLUMN_COUNT + 45);
 }
 
 /**
@@ -27954,6 +28097,8 @@ init_v2_delta_iterator (report_t report, iterator_t *results, report_t delta,
   extra_tables = g_strdup_printf (" JOIN comparison "
                                   " ON results.id = COALESCE (result1_id,"
                                   "                           result2_id)"
+                                  " LEFT OUTER JOIN result_vt_epss"
+                                  " ON results.nvt = result_vt_epss.vt_id"
                                   " LEFT OUTER JOIN nvts"
                                   " ON results.nvt = nvts.oid %s,"
                                   " LATERAL %s AS lateral_new_severity",
@@ -58055,7 +58200,9 @@ type_build_select (const char *type, const char *columns_str,
                                                 "results", 
                                                 "nvts");
 
-      opts_table = g_strdup_printf (" LEFT OUTER JOIN nvts"
+      opts_table = g_strdup_printf (" LEFT OUTER JOIN result_vt_epss"
+                                    " ON results.nvt = result_vt_epss.vt_id"
+                                    " LEFT OUTER JOIN nvts"
                                     " ON results.nvt = nvts.oid %s,"
                                     " LATERAL %s AS lateral_new_severity",
                                     original,
diff --git a/src/manage_sql.h b/src/manage_sql.h
index dfe87caa6..29b5988a1 100644
--- a/src/manage_sql.h
+++ b/src/manage_sql.h
@@ -295,7 +295,7 @@ typedef struct
 /**
  * @brief Delta results columns offset for result iterator.
  */
-#define RESULT_ITERATOR_DELTA_COLUMN_OFFSET GET_ITERATOR_COLUMN_COUNT + 38
+#define RESULT_ITERATOR_DELTA_COLUMN_OFFSET GET_ITERATOR_COLUMN_COUNT + 46
 
 
 /* Variables */
@@ -505,6 +505,9 @@ add_role_permission_resource (const gchar *, const gchar *, const gchar *,
 void
 create_view_vulns ();
 
+void
+create_view_result_vt_epss ();
+
 int
 config_family_entire_and_growing (config_t, const char*);
 
diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c
index ccebce74f..a740fea5e 100644
--- a/src/manage_sql_nvts.c
+++ b/src/manage_sql_nvts.c
@@ -1987,6 +1987,7 @@ update_nvts_from_vts (element_t *get_vts_response,
     sql ("ALTER TABLE nvts_rebuild RENAME TO nvts;");
 
     create_view_vulns ();
+    create_view_result_vt_epss ();
   }
 
   set_nvts_check_time (count_new_vts, count_modified_vts);
diff --git a/src/manage_sql_secinfo.c b/src/manage_sql_secinfo.c
index fdf76db8c..fd8c13c76 100644
--- a/src/manage_sql_secinfo.c
+++ b/src/manage_sql_secinfo.c
@@ -3707,6 +3707,7 @@ update_scap_end ()
       /* View 'vulns' contains references into the SCAP schema, so it is
        * removed by the CASCADE. */
       create_view_vulns ();
+      create_view_result_vt_epss ();
     }
   else
     sql ("ALTER SCHEMA scap2 RENAME TO scap;");
@@ -3745,6 +3746,7 @@ abort_scap_update ()
       /* View 'vulns' contains references into the SCAP schema, so it is
        * removed by the CASCADE. */
       create_view_vulns ();
+      create_view_result_vt_epss ();
       /* Update CERT data that depends on SCAP. */
       update_cert_data ();
     }
diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in
index cd86aada2..e2e517f64 100644
--- a/src/schema_formats/XML/GMP.xml.in
+++ b/src/schema_formats/XML/GMP.xml.in
@@ -523,6 +523,9 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
       <e>expiration_time</e>
       <e>issuer</e>
       <e>md5_fingerprint</e>
+      <o><e>sha256_fingerprint</e></o>
+      <o><e>subject</e></o>
+      <o><e>serial</e></o>
     </pattern>
     <ele>
       <name>time_status</name>
@@ -558,6 +561,21 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
       <summary>MD5 fingerprint of the certificate</summary>
       <pattern>text</pattern>
     </ele>
+    <ele>
+      <name>sha256_fingerprint</name>
+      <summary>SHA-256 fingerprint of the certificate</summary>
+      <pattern>text</pattern>
+    </ele>
+    <ele>
+      <name>subject</name>
+      <summary>Name of the certificate</summary>
+      <pattern>text</pattern>
+    </ele>
+    <ele>
+      <name>serial</name>
+      <summary>Serial number of certificate</summary>
+      <pattern>text</pattern>
+    </ele>
   </element>
   <element>
     <name>nvt</name>
@@ -1667,6 +1685,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
         <e>severities</e>
         <e>cpe</e>
         <e>tags</e>
+        <o><e>epss</e></o>
         <e>refs</e>
       </pattern>
       <ele>
@@ -1704,6 +1723,112 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
         <summary>Tags associated with the NVT</summary>
         <pattern>text</pattern>
       </ele>
+      <ele>
+        <name>epss</name>
+        <summary>Exploit Prediction Scoring System (EPSS) info if available</summary>
+        <pattern>
+          <e>max_severity</e>
+          <e>max_epss</e>
+        </pattern>
+        <ele>
+          <name>max_severity</name>
+          <summary>
+            EPSS info of the referenced CVE with the highest severity
+          </summary>
+          <description>
+            In case there are multiple CVEs referenced by the NVT tied for the
+            highest severity, they are also sorted by EPSS score and modification
+            time and the first one is chosen.
+          </description>
+          <pattern>
+            <e>score</e>
+            <e>percentile</e>
+            <e>cve</e>
+          </pattern>
+          <ele>
+            <name>score</name>
+            <summary>EPSS score of the CVE</summary>
+            <pattern>
+              <t>decimal</t>
+            </pattern>
+          </ele>
+          <ele>
+            <name>percentile</name>
+            <summary>EPSS percentile of the CVE</summary>
+            <pattern>
+              <t>decimal</t>
+            </pattern>
+          </ele>
+          <ele>
+            <name>cve</name>
+            <summary>The representative CVE chosen</summary>
+            <pattern>
+              <attrib>
+                <name>id</name>
+                <summary>CVE-ID of the CVE</summary>
+                <type>text</type>
+              </attrib>
+              <o><e>severity</e></o>
+            </pattern>
+            <ele>
+              <name>severity</name>
+              <summary>Severity (CVSS) score of the CVE if available</summary>
+              <pattern>
+                <t>severity</t>
+              </pattern>
+            </ele>
+          </ele>
+        </ele>
+        <ele>
+          <name>max_epss</name>
+          <summary>
+            EPSS info of the referenced CVE with the highest EPSS score
+          </summary>
+          <description>
+            In case there are multiple CVEs referenced by the NVT tied for the
+            highest EPSS score, they are also sorted by severity and modification
+            time and the first one is chosen.
+          </description>
+          <pattern>
+            <e>score</e>
+            <e>percentile</e>
+            <e>cve</e>
+          </pattern>
+          <ele>
+            <name>score</name>
+            <summary>EPSS score of the CVE</summary>
+            <pattern>
+              <t>decimal</t>
+            </pattern>
+          </ele>
+          <ele>
+            <name>percentile</name>
+            <summary>EPSS percentile of the CVE</summary>
+            <pattern>
+              <t>decimal</t>
+            </pattern>
+          </ele>
+          <ele>
+            <name>cve</name>
+            <summary>The representative CVE chosen</summary>
+            <pattern>
+              <attrib>
+                <name>id</name>
+                <summary>CVE-ID of the CVE</summary>
+                <type>text</type>
+              </attrib>
+              <o><e>severity</e></o>
+            </pattern>
+            <ele>
+              <name>severity</name>
+              <summary>Severity (CVSS) score of the CVE if available</summary>
+              <pattern>
+                <t>severity</t>
+              </pattern>
+            </ele>
+          </ele>
+        </ele>
+      </ele>
       <ele>
         <name>refs</name>
         <summary>List of references of various types for this vulnerability test</summary>
@@ -7803,6 +7928,7 @@ END:VCALENDAR
           <e>data_type</e>
           <any><e>data_column</e></any>
           <o><e>group_column</e></o>
+          <o><e>subgroup_column</e></o>
           <any><e>text_column</e></any>
           <or>
             <any><e>group</e></any>
@@ -7826,6 +7952,11 @@ END:VCALENDAR
           <summary>The column the data is grouped by</summary>
           <pattern><t>text</t></pattern>
         </ele>
+        <ele>
+          <name>subgroup_column</name>
+          <summary>The column to further group the resources by</summary>
+          <pattern><t>text</t></pattern>
+        </ele>
         <ele>
           <name>text_column</name>
           <summary>A simple text column</summary>
@@ -8433,6 +8564,7 @@ END:VCALENDAR
           <e>method</e>
           <e>filter</e>
           <o><e>tasks</e></o>
+          <e>active</e>
         </pattern>
         <ele>
           <name>owner</name>
@@ -8592,7 +8724,7 @@ END:VCALENDAR
         </ele>
         <ele>
           <name>method</name>
-          <summary>The method by which he alert must occur</summary>
+          <summary>The method by which the alert must occur</summary>
           <pattern>
             text
             <any><e>data</e></any>
@@ -8699,6 +8831,11 @@ END:VCALENDAR
             </ele>
           </ele>
         </ele>
+        <ele>
+          <name>active</name>
+          <summary>Whether the alert is active</summary>
+          <pattern><t>boolean</t></pattern>
+        </ele>
       </ele>
       <ele>
         <name>filters</name>
@@ -9082,7 +9219,7 @@ END:VCALENDAR
       </attrib>
       <attrib>
         <name>details</name>
-        <summary>Whether to include additional information (e.g., tags)</summary>
+        <summary>Whether to include additional information (e.g. tags)</summary>
         <type>boolean</type>
       </attrib>
     </pattern>
@@ -9122,6 +9259,7 @@ END:VCALENDAR
           <e>permissions</e>
           <o><e>user_tags</e></o>
           <o><e>identifiers</e></o>
+          <e>type</e>
           <or>
             <e>host</e>
             <e>os</e>
@@ -9208,6 +9346,7 @@ END:VCALENDAR
                 <e>type</e>
                 <e>data</e>
                 <e>deleted</e>
+                <e>name</e>
               </pattern>
               <ele>
                 <name>type</name>
@@ -9224,6 +9363,11 @@ END:VCALENDAR
                 <summary>Whether the source has been deleted</summary>
                 <pattern>boolean</pattern>
               </ele>
+              <ele>
+                <name>name</name>
+                <summary>User name when source type is User, else empty</summary>
+                <pattern>boolean</pattern>
+              </ele>
             </ele>
             <ele>
               <name>os</name>
@@ -9243,13 +9387,20 @@ END:VCALENDAR
             </ele>
           </ele>
         </ele>
+        <ele>
+          <name>type</name>
+          <summary>Either "host" or "os"</summary>
+          <pattern>
+            xsd:token { pattern = "host|os" }
+          </pattern>
+        </ele>
         <ele>
           <name>host</name>
           <summary>A host</summary>
           <pattern>
             <e>severity</e>
             <any><e>detail</e></any>
-            <e>routes</e>
+            <o><e>routes</e></o>
           </pattern>
           <ele>
             <name>severity</name>
@@ -9412,7 +9563,7 @@ END:VCALENDAR
               Hosts on which this OS has been detected as the best match
             </summary>
             <pattern>
-              <e>asset</e>
+              <any><e>asset</e></any>
             </pattern>
             <ele>
               <name>asset</name>
@@ -9447,7 +9598,7 @@ END:VCALENDAR
         </ele>
         <ele>
           <name>in_use</name>
-          <summary>Whether any tasks are using the asset</summary>
+          <summary>Whether the asset is in use</summary>
           <pattern><t>boolean</t></pattern>
         </ele>
         <ele>
@@ -10050,7 +10201,7 @@ END:VCALENDAR
         <ele>
           <name>writable</name>
           <summary>
-            Whether any tasks are using the config, including trashcan tasks
+            Whether the config may be modified
           </summary>
           <pattern><t>boolean</t></pattern>
         </ele>
@@ -10201,10 +10352,11 @@ END:VCALENDAR
             <pattern>
               <e>nvt</e>
               <e>name</e>
+              <o><e>hr_name</e></o>
               <e>id</e>
               <e>type</e>
               <e>value</e>
-              <e>default</e>
+              <o><e>default</e></o>
               <any><e>alt</e></any>
             </pattern>
             <ele>
@@ -10229,6 +10381,11 @@ END:VCALENDAR
               <summary>The compact name of the preference as used by the scanner</summary>
               <pattern><t>name</t></pattern>
             </ele>
+            <ele>
+              <name>hr_name</name>
+              <summary>The human readable name of the preference</summary>
+              <pattern><t>name</t></pattern>
+            </ele>
             <ele>
               <name>id</name>
               <summary>The ID of the preference</summary>
@@ -10433,20 +10590,31 @@ END:VCALENDAR
       <response>
         <get_configs_response status="200" status_text="OK">
           <config id="daba56c8-73ec-11df-a475-002264764cea">
+            <owner>
+              <name>mabel</name>
+            </owner>
             <name>Full and fast</name>
-            <comment>All NVT's; optimized by using previously collected information.</comment>
-            <creation_time>2012-11-23T10:44:00+01:00</creation_time>
-            <modification_time>2013-01-23T10:44:00+01:00</modification_time>
+            <comment>Most NVT's; optimized by using previously collected information. Version 20201215.</comment>
+            <creation_time>2023-03-06T11:26:30-05:00</creation_time>
+            <modification_time>2024-01-23T10:02:26-05:00</modification_time>
+            <writable>0</writable>
+            <in_use>1</in_use>
+            <permissions>
+              <permission>
+                <name>Everything</name>
+              </permission>
+            </permissions>
             <family_count>
-              4
+              56
               <growing>1</growing>
             </family_count>
             <nvt_count>
-              12
+              88005
               <growing>1</growing>
             </nvt_count>
-            <in_use>1</in_use>
-            <writable>0</writable>
+            <type>0</type>
+            <usage_type>scan</usage_type>
+            <predefined>0</predefined>
           </config>
           <truncated>...</truncated>
         </get_configs_response>
@@ -10461,44 +10629,64 @@ END:VCALENDAR
       <response>
         <get_configs_response status="200" status_text="OK">
           <config id="daba56c8-73ec-11df-a475-002264764cea">
+            <owner>
+              <name>mabel</name>
+            </owner>
             <name>Full and fast</name>
-            <comment>All NVT's; optimized by using previously collected information.</comment>
+            <comment>
+              Most NVT's; optimized by using previously collected information. Version 20201215.
+            </comment>
+            <creation_time>2023-03-06T11:26:30-05:00</creation_time>
+            <modification_time>2024-01-23T10:02:26-05:00</modification_time>
+            <writable>0</writable>
+            <in_use>1</in_use>
+            <permissions>
+              <permission>
+                <name>Everything</name>
+              </permission>
+            </permissions>
             <family_count>
-              4
+              56
               <growing>1</growing>
             </family_count>
             <nvt_count>
-              12
+              88005
               <growing>1</growing>
             </nvt_count>
-            <in_use>1</in_use>
-            <tasks>
-              <task id="13bb418a-4220-4575-b35b-ec398bff7417">
-                <name>Web Servers</name>
-              </task>
-              <truncated>...</truncated>
-            </tasks>
+            <type>0</type>
+            <usage_type>scan</usage_type>
+            <predefined>0</predefined>
             <families>
               <family>
-                <name>Credentials</name>
-                <nvt_count>8</nvt_count>
-                <max_nvt_count>8</max_nvt_count>
+                <name>AIX Local Security Checks</name>
+                <nvt_count>1</nvt_count>
+                <max_nvt_count>1</max_nvt_count>
                 <growing>1</growing>
               </family>
               <truncated>...</truncated>
             </families>
+            <max_nvt_count>88014</max_nvt_count>
+            <known_nvt_count>88005</known_nvt_count>
             <preferences>
               <preference>
-                <nvt oid="1.3.6.1.4.1.25623.1.0.10330">
-                  <name>Services</name>
+                <nvt oid="1.3.6.1.4.1.25623.1.0.100151">
+                  <name>PostgreSQL Detection (TCP)</name>
                 </nvt>
                 <id>1</id>
-                <name>Network connection timeout :</name>
+                <hr_name>Postgres Username:</hr_name>
+                <name>Postgres Username:</name>
                 <type>entry</type>
-                <value>5</value>
+                <value>postgres</value>
+                <default>postgres</default>
               </preference>
               <truncated>...</truncated>
             </preferences>
+            <tasks>
+              <task id="1d5c5fc8-937e-41f1-b52f-49887c386b12">
+                <name>Web Servers</name>
+              </task>
+              <truncated>...</truncated>
+            </tasks>
           </config>
           <truncated>...</truncated>
         </get_configs_response>
@@ -10614,6 +10802,11 @@ END:VCALENDAR
         <summary>ID of filter to use to filter query</summary>
         <type>uuid</type>
       </attrib>
+      <attrib>
+        <name>details</name>
+        <summary>Whether to include certificate info</summary>
+        <type>boolean</type>
+      </attrib>
       <attrib>
         <name>scanners</name>
         <summary>Whether to include a list of scanners using the credentials</summary>
@@ -10687,11 +10880,13 @@ END:VCALENDAR
           <o><e>certificate_info</e></o>
           <o><e>scanners</e></o>
           <o><e>targets</e></o>
-          <or>
-            <e>public_key</e>
-            <e>package</e>
-            <e>certificate</e>
-          </or>
+          <o>
+            <or>
+              <e>public_key</e>
+              <e>package</e>
+              <e>certificate</e>
+            </or>
+          </o>
         </pattern>
         <ele>
           <name>owner</name>
@@ -11202,6 +11397,65 @@ END:VCALENDAR
       </response>
     </example>
   </command>
+  <command>
+    <name>get_features</name>
+    <summary>Get a list of optional features</summary>
+    <description>
+      <p>
+        The client uses the get_features command to get a list of optional
+        features.
+        If the command sent by the client was valid, the manager will
+        reply with a list of features to the client.
+      </p>
+    </description>
+    <pattern></pattern>
+    <response>
+      <pattern>
+        <attrib>
+          <name>status</name>
+          <type>status</type>
+          <required>1</required>
+        </attrib>
+        <attrib>
+          <name>status_text</name>
+          <type>text</type>
+          <required>1</required>
+        </attrib>
+        <any><e>feature</e></any>
+      </pattern>
+      <ele>
+        <name>feature</name>
+        <pattern>
+          <attrib>
+            <name>enabled</name>
+            <type>boolean</type>
+            <summary>Whether the feature is enabled</summary>
+            <required>1</required>
+          </attrib>
+          <e>name</e>
+        </pattern>
+        <ele>
+          <name>name</name>
+          <summary>The name of the feature</summary>
+          <pattern>text</pattern>
+        </ele>
+      </ele>
+    </response>
+    <example>
+      <summary>Get the optional features</summary>
+      <request>
+        <get_feeds>
+        </get_feeds>
+      </request>
+      <response>
+        <get_features_response status_text="OK" status="200">
+          <feature enabled="0">
+            <name>OPENVASD</name>
+          </feature>
+        </get_features_response>
+      </response>
+    </example>
+  </command>
   <command>
     <name>get_feeds</name>
     <summary>Get one or many feeds</summary>
@@ -11215,7 +11469,7 @@ END:VCALENDAR
     <pattern>
       <attrib>
         <name>type</name>
-        <summary>Type of single feed to get: NVT, CERT or SCAP</summary>
+        <summary>Type of single feed to get: NVT, CERT, SCAP or GVMD_DATA</summary>
         <type>text</type>
       </attrib>
     </pattern>
@@ -11245,7 +11499,7 @@ END:VCALENDAR
         </pattern>
         <ele>
           <name>type</name>
-          <summary>The type of feed: NVT, CERT or SCAP</summary>
+          <summary>The type of feed: NVT, CERT, SCAP or GVMD_DATA</summary>
           <pattern>text</pattern>
         </ele>
         <ele>
@@ -11279,18 +11533,12 @@ END:VCALENDAR
           <summary>Present if a sync of this type is underway</summary>
           <pattern>
             <e>timestamp</e>
-            <e>user</e>
           </pattern>
           <ele>
             <name>timestamp</name>
             <summary>Time sync started</summary>
             <pattern>text</pattern>
           </ele>
-          <ele>
-            <name>user</name>
-            <summary>Name of user who is performing sync</summary>
-            <pattern>text</pattern>
-          </ele>
         </ele>
       </ele>
     </response>