Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1 | CVE-2024-50603 | | 100th | 10.0 | KEV | This is a critical command injection vulnerability in Aviatrix Controller that allows unauthenticate |
| 2 | CVE-2025-24813 | | 99.9th | 9.8 | KEV | This vulnerability in Apache Tomcat allows path traversal attacks via internal dot handling in filen |
| 3 | CVE-2024-55591 | | 99.9th | 9.8 | KEV | This vulnerability allows remote attackers to bypass authentication and gain super-admin privileges |
| 4 | CVE-2025-0282 | | 99.9th | 9.0 | KEV | A stack-based buffer overflow vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons for |
| 5 | CVE-2025-0108 | | 99.9th | 9.1 | KEV | An authentication bypass vulnerability in Palo Alto Networks PAN-OS software allows unauthenticated |
| 6 | CVE-2024-13159 | | 99.9th | 9.8 | KEV | CVE-2024-13159 is an absolute path traversal vulnerability in Ivanti Endpoint Manager (EPM) that all |
| 7 | CVE-2024-32640 | | 99.8th | 9.8 | | CVE-2024-32640 is a critical SQL injection vulnerability in MASA CMS that allows attackers to execut |
| 8 | CVE-2025-29927 | | 99.8th | 9.1 | | This CVE describes an authorization bypass vulnerability in Next.js middleware. Attackers can bypass |
| 9 | CVE-2025-47812 | | 99.7th | 10.0 | KEV | CVE-2025-47812 is a critical remote code execution vulnerability in Wing FTP Server that allows atta |
| 10 | CVE-2025-3248 | | 99.7th | 9.8 | KEV | CVE-2025-3248 is an unauthenticated remote code execution vulnerability in Langflow's /api/v1/valida |
| 11 | CVE-2025-49113 | | 99.7th | 9.9 | | CVE-2025-49113 is a critical remote code execution vulnerability in Roundcube Webmail affecting auth |
| 12 | CVE-2025-1661 | | 99.7th | 9.8 | | This vulnerability allows unauthenticated attackers to perform Local File Inclusion (LFI) via the 't |
| 13 | CVE-2025-1974 | | 99.6th | 9.8 | | CVE-2025-1974 is a critical vulnerability in Kubernetes' ingress-nginx controller that allows unauth |
| 14 | CVE-2025-47916 | | 99.6th | 10.0 | | This vulnerability allows unauthenticated remote attackers to execute arbitrary PHP code on Invision |
| 15 | CVE-2018-1160 | | 99.6th | 9.8 | | CVE-2018-1160 is a critical vulnerability in Netatalk that allows remote unauthenticated attackers t |
| 16 | CVE-2024-13161 | | 99.5th | 9.8 | KEV | This vulnerability allows remote unauthenticated attackers to perform absolute path traversal attack |
| 17 | CVE-2025-53770 | | 99.5th | 9.8 | KEV | CVE-2025-53770 is a critical deserialization vulnerability in on-premises Microsoft SharePoint Serve |
| 18 | CVE-2025-64446 | | 99.5th | 9.8 | KEV | A relative path traversal vulnerability in Fortinet FortiWeb web application firewalls allows attack |
| 19 | CVE-2025-0107 | | 99.5th | 9.8 | | An unauthenticated OS command injection vulnerability in Palo Alto Networks Expedition allows attack |
| 20 | CVE-2025-61882 | | 99.5th | 9.8 | KEV | This critical vulnerability in Oracle E-Business Suite's Concurrent Processing component allows unau |
| 21 | CVE-2025-31161 | | 99.5th | 9.8 | KEV | This critical authentication bypass vulnerability in CrushFTP allows unauthenticated attackers to ga |
| 22 | CVE-2025-30406 | | 99.5th | 9.0 | KEV | This vulnerability in Gladinet CentreStack allows remote code execution through deserialization atta |
| 23 | CVE-2024-43468 | | 99.4th | 9.8 | KEV | CVE-2024-43468 is a critical SQL injection vulnerability in Microsoft Configuration Manager that all |
| 24 | CVE-2025-2746 | | 99.4th | 9.8 | KEV | An authentication bypass vulnerability in Kentico Xperience's Staging Sync Server allows attackers t |
| 25 | CVE-2024-55556 | | 99.4th | 9.8 | | CVE-2024-55556 is a critical remote command execution vulnerability in Crater Invoice that allows un |
| 26 | CVE-2020-36847 | | 99.4th | 9.8 | | This vulnerability allows unauthenticated attackers to rename uploaded PHP files with .png extension |
| 27 | CVE-2025-1302 | | 99.4th | 9.8 | | CVE-2025-1302 is a critical Remote Code Execution vulnerability in jsonpath-plus versions before 10. |
| 28 | CVE-2025-11749 | | 99.3rd | 9.8 | | The AI Engine WordPress plugin exposes bearer tokens through an unauthenticated REST API endpoint wh |
| 29 | CVE-2025-29306 | | 99.3rd | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on FoxCMS v1.2.5 systems throug |
| 30 | CVE-2025-1316 | | 99.3rd | 9.8 | KEV | The Edimax IC-7100 network camera has an OS command injection vulnerability (CWE-78) that allows rem |
| 31 | CVE-2025-59528 | | 99.3rd | 10.0 | | Flowise versions 3.0.5 and below contain a critical remote code execution vulnerability in the Custo |
| 32 | CVE-2026-24061 | | 99.3rd | 9.8 | KEV | This vulnerability in GNU Inetutils telnetd allows remote attackers to bypass authentication by sett |
| 33 | CVE-2025-52691 | | 99.2nd | 10.0 | KEV | This critical vulnerability allows unauthenticated attackers to upload arbitrary files to any locati |
| 34 | CVE-2016-15043 | | 99.2nd | 9.8 | | The WP Mobile Detector WordPress plugin allows unauthenticated attackers to upload arbitrary files d |
| 35 | CVE-2025-13315 | | 99.2nd | 9.8 | | CVE-2025-13315 is an authentication bypass vulnerability in Twonky Server that allows unauthenticate |
| 36 | CVE-2025-61757 | | 99.2nd | 9.8 | KEV | This critical vulnerability in Oracle Identity Manager allows unauthenticated attackers to remotely |
| 37 | CVE-2024-46506 | | 99.2nd | 10.0 | | CVE-2024-46506 is an unauthenticated remote command injection vulnerability in NetAlertX that allows |
| 38 | CVE-2019-25224 | | 99th | 9.8 | | This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o |
| 39 | CVE-2025-26319 | | 99th | 9.8 | | FlowiseAI Flowise v2.2.6 contains an arbitrary file upload vulnerability in the /api/v1/attachments |
| 40 | CVE-2024-11613 | | 99th | 9.8 | | This vulnerability in the WordPress File Upload plugin allows unauthenticated attackers to execute a |
| 41 | CVE-2025-13486 | | 99th | 9.8 | | This vulnerability allows unauthenticated attackers to execute arbitrary code on WordPress sites run |
| 42 | CVE-2025-2945 | | 99th | 9.9 | | This CVE describes a critical remote code execution vulnerability in pgAdmin 4 where attacker-contro |
| 43 | CVE-2025-27520 | | 99th | 9.8 | | CVE-2025-27520 is a critical remote code execution vulnerability in BentoML caused by insecure deser |
| 44 | CVE-2025-40551 | | 99th | 9.8 | KEV | SolarWinds Web Help Desk has an unauthenticated remote code execution vulnerability via untrusted da |
| 45 | CVE-2024-46310 | | 99th | 9.1 | | This vulnerability allows unauthenticated attackers to read and modify arbitrary user data in Cfx.re |
| 46 | CVE-2025-32432 | | 98.9th | 10.0 | | CVE-2025-32432 is a critical remote code execution vulnerability in Craft CMS that allows attackers |
| 47 | CVE-2025-21298 | | 98.9th | 9.8 | | This critical vulnerability in Windows OLE (Object Linking and Embedding) allows remote attackers to |
| 48 | CVE-2012-10054 | | 98.9th | 9.8 | | This vulnerability allows unauthenticated attackers to upload and execute arbitrary ASPX scripts on |
| 49 | CVE-2013-10051 | | 98.9th | 9.8 | | This CVE describes a critical remote code execution vulnerability in InstantCMS versions 1.6 and ear |
| 50 | CVE-2024-57045 | | 98.8th | 9.8 | | This critical vulnerability in D-Link DIR-859 routers allows attackers to bypass authentication by f |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.