Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS | Percentile | CVSS | Flags | Summary (truncated)
451 | CVE-2025-24406 | 1.6% | 81.4 | 7.5 |  | This CVE describes a path traversal vulnerability in Adobe Commerce that allows unauthenticated atta
452 | CVE-2025-47166 | 1.59% | 81.3 | 8.8 |  | CVE-2025-47166 is a deserialization vulnerability in Microsoft Office SharePoint that allows authent
453 | CVE-2024-13744 | 1.58% | 81.2 | 8.1 |  | The Booster for WooCommerce WordPress plugin versions 4.0.1 through 7.2.4 contain an arbitrary file
454 | CVE-2020-36867 | 1.55% | 81.1 | 8.8 |  | This vulnerability allows authenticated attackers in Nagios XI to execute arbitrary commands on the
455 | CVE-2025-59285 | 1.55% | 81.1 | 7.0 |  | CVE-2025-59285 is a deserialization vulnerability in Azure Monitor Agent that allows authenticated a
456 | CVE-2025-2249 | 1.55% | 81.1 | 8.8 |  | The SoJ SoundSlides WordPress plugin allows authenticated attackers with Contributor-level access or
457 | CVE-2025-32701 | 1.54% | 81.1 | 7.8 | KEV | This vulnerability is a use-after-free flaw in the Windows Common Log File System Driver that allows
458 | CVE-2025-9713 | 1.54% | 81 | 8.8 |  | CVE-2025-9713 is a path traversal vulnerability in Ivanti Endpoint Manager (EPM) that allows remote
459 | CVE-2024-13471 | 1.53% | 81 | 7.5 |  | The DesignThemes Core Features WordPress plugin contains a file inclusion vulnerability that allows
460 | CVE-2025-21206 | 1.53% | 81 | 7.3 |  | This vulnerability in Visual Studio Installer allows attackers to elevate privileges on Windows syst
461 | CVE-2025-28072 | 1.51% | 80.9 | 7.5 |  | PHPGurukul Pre-School Enrollment System contains a directory traversal vulnerability in manage-teach
462 | CVE-2025-33072 | 1.5% | 80.8 | 8.1 |  | An improper access control vulnerability in Microsoft Azure allows unauthorized attackers to access
463 | CVE-2025-21354 | 1.48% | 80.7 | 8.4 |  | This vulnerability allows remote code execution through specially crafted Excel files. Attackers can
464 | CVE-2025-26349 | 1.48% | 80.7 | 7.2 |  | This vulnerability allows authenticated remote attackers to overwrite arbitrary files on Q-Free MaxT
465 | CVE-2024-13499 | 1.48% | 80.6 | 7.3 |  | This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
466 | CVE-2025-0429 | 1.47% | 80.6 | 7.2 |  | This vulnerability allows authenticated WordPress administrators to perform PHP object injection thr
467 | CVE-2025-0428 | 1.47% | 80.6 | 7.2 |  | The AI Power: Complete AI Pack WordPress plugin up to version 1.8.96 contains a PHP object injection
468 | CVE-2026-21226 | 1.47% | 80.6 | 7.5 |  | This vulnerability in Azure Core shared client library for Python allows deserialization of untruste
469 | CVE-2026-1761 | 1.45% | 80.5 | 8.6 |  | A stack-based buffer overflow vulnerability in libsoup allows remote attackers to execute arbitrary
470 | CVE-2022-46763 | 1.45% | 80.4 | 8.8 |  | This SQL injection vulnerability in TrueConf Server allows low-privileged database users to execute
471 | CVE-2018-25122 | 1.44% | 80.4 | 8.8 |  | This vulnerability allows authenticated users of Nagios XI to execute arbitrary commands on the serv
472 | CVE-2025-4210 | 1.44% | 80.4 | 7.3 |  | This critical vulnerability in Casdoor allows attackers to bypass authorization checks when creating
473 | CVE-2025-49581 | 1.43% | 80.3 | 8.8 |  | This vulnerability in XWiki allows users with edit rights on any page (including their own profile)
474 | CVE-2025-1119 | 1.42% | 80.2 | 7.3 |  | This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
475 | CVE-2024-10932 | 1.41% | 80.2 | 8.8 |  | The Backup Migration plugin for WordPress is vulnerable to PHP object injection via insecure deseria
476 | CVE-2024-57392 | 1.41% | 80.2 | 7.5 |  | A buffer overflow vulnerability in ProFTPD allows remote attackers to execute arbitrary code or caus
477 | CVE-2025-9223 | 1.41% | 80.2 | 8.8 |  | This vulnerability allows authenticated attackers to execute arbitrary commands on ManageEngine Appl
478 | CVE-2025-29809 | 1.4% | 80.1 | 7.1 |  | This vulnerability allows an authorized attacker with local access to bypass a security feature in W
479 | CVE-2025-51991 | 1.4% | 80.1 | 8.8 |  | This vulnerability allows authenticated administrators in XWiki to inject malicious Apache Velocity
480 | CVE-2025-23052 | 1.4% | 80.1 | 7.2 |  | This CVE describes an authenticated command injection vulnerability in a network management service'
481 | CVE-2025-56129 | 1.4% | 80.1 | 8.8 |  | This CVE describes an OS command injection vulnerability in Ruijie RG-BCR860 routers that allows att
482 | CVE-2025-0291 | 1.39% | 80.1 | 8.8 |  | This is a type confusion vulnerability in Chrome's V8 JavaScript engine that allows remote attackers
483 | CVE-2025-0394 | 1.39% | 80.1 | 8.8 |  | The Groundhogg WordPress plugin up to version 3.7.3.5 allows authenticated attackers with Author-lev
484 | CVE-2025-21178 | 1.38% | 80 | 8.8 |  | This is a heap-based buffer overflow vulnerability in Visual Studio that allows remote code executio
485 | CVE-2025-21342 | 1.38% | 80 | 8.8 |  | This vulnerability in Microsoft Edge (Chromium-based) allows remote attackers to execute arbitrary c
486 | CVE-2025-20617 | 1.37% | 79.9 | 7.2 |  | This vulnerability allows authenticated attackers with administrative access to execute arbitrary op
487 | CVE-2024-10942 | 1.37% | 79.9 | 7.5 |  | The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP object injection vi
488 | CVE-2025-2780 | 1.36% | 79.8 | 8.8 |  | The Woffice Core plugin for WordPress has a vulnerability that allows authenticated users with Subsc
489 | CVE-2025-2891 | 1.36% | 79.8 | 8.8 |  | The Real Estate 7 WordPress theme allows authenticated attackers with Seller-level access or higher
490 | CVE-2025-2805 | 1.35% | 79.8 | 7.3 |  | The ORDER POST WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due
491 | CVE-2024-9415 | 1.35% | 79.8 | 8.8 |  | A path traversal vulnerability in transformeroptimus/superagi version 0.0.14 allows attackers to upl
492 | CVE-2024-6825 | 1.35% | 79.8 | 8.8 |  | This vulnerability in BerriAI/litellm allows remote code execution by exploiting improper input vali
493 | CVE-2024-13921 | 1.35% | 79.7 | 7.2 |  | This vulnerability allows authenticated WordPress administrators to inject PHP objects via deseriali
494 | CVE-2025-47227 | 1.34% | 79.7 | 7.5 |  | This vulnerability allows unauthenticated attackers to bypass authentication and take over administr
495 | CVE-2025-21224 | 1.34% | 79.7 | 8.1 |  | This vulnerability allows remote attackers to execute arbitrary code on Windows systems running the
496 | CVE-2025-0457 | 1.33% | 79.6 | 8.8 |  | CVE-2025-0457 is an OS command injection vulnerability in NetVision Information's airPASS product th
497 | CVE-2025-13223 | 1.33% | 79.6 | 8.8 | KEV | A type confusion vulnerability in Chrome's V8 JavaScript engine allows attackers to trigger heap cor
498 | CVE-2024-12905 | 1.32% | 79.6 | 7.5 |  | This vulnerability in tar-fs allows attackers to write files outside the intended extraction directo
499 | CVE-2024-11629 | 1.32% | 79.5 | 7.1 |  | This vulnerability in Progress Telerik Document Processing Libraries allows attackers to export the
500 | CVE-2024-6486 | 1.32% | 79.5 | 7.2 |  | This vulnerability allows authenticated WordPress administrators to execute arbitrary operating syst

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by the EPSS Special Interest Group at FIRST.org. It estimates the probability that a given CVE will see exploitation activity in the wild within the next 30 days. Scores are recomputed daily, so a ranking like the one above is a snapshot. The percentile column places each score relative to every CVE that EPSS has scored: a percentile of 81.4 means the CVE scores higher than roughly 81% of them, which is why a probability as low as 1.6% still lands in the top fifth. CVSS measures severity (how much damage a successful exploit does); EPSS measures likelihood (whether anyone is expected to try), which makes EPSS the better first filter when deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets a team patch in the order attackers are expected to act, rather than in CVSS order. A CVSS 9.8 Critical with 0.1% EPSS may be less urgent than a CVSS 7.5 High with 90% EPSS. Two caveats apply. A KEV flag (shown in the table) records exploitation that has already been observed and should outrank any prediction. And EPSS knows nothing about your environment, so a score only matters for software you actually run and expose; the many 8.8-rated WordPress plugin entries above sit near 1.4% EPSS and are irrelevant unless that plugin is installed.
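The prioritisation the two paragraphs above argue for, written out as an added example (mine, not code from this page or from FIRST): it parses an EPSS CSV excerpt laid out like FIRST's daily export, merges CISA KEV membership and CVSS base scores, and ranks findings by tier. The CSV content, KEV set and CVSS map are constructed inputs. The real CVE IDs reuse the figures shown in the table; the CVE-0000-* IDs are placeholders, not real CVEs, standing in for the CVSS 9.8 / 0.1% and CVSS 7.5 / 90% pair in the text and for a CVE that EPSS has not scored yet; the 0.5 and 0.1 thresholds are this example's own policy, not an EPSS recommendation.

```python
import csv
import io
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample in the layout of FIRST's daily EPSS CSV export
# (assumption: one '#model_version' metadata line, then cve,epss,percentile,
# with epss and percentile as fractions). The four real IDs reuse figures
# from the table above; CVE-0000-0001 and CVE-0000-0002 are placeholders,
# not real CVEs, for the "CVSS 9.8 at 0.1%" and "CVSS 7.5 at 90%" pair.
EPSS_CSV = """\
#model_version:v2025.03.14,score_date:2025-01-01T00:00:00+0000
cve,epss,percentile
CVE-2025-32701,0.01540,0.81100
CVE-2025-13223,0.01330,0.79600
CVE-2025-24406,0.01600,0.81400
CVE-2024-13744,0.01580,0.81200
CVE-0000-0001,0.00100,0.20000
CVE-0000-0002,0.90000,0.99500
"""

# Constructed inputs: CVSS base scores (page values for the real IDs) and KEV
# membership (the two KEV-flagged rows in the table). CVE-0000-0003 is a
# placeholder with a CVSS score but no EPSS row, to exercise the unscored path.
CVSS: Dict[str, float] = {
    "CVE-2025-32701": 7.8, "CVE-2025-13223": 8.8, "CVE-2025-24406": 7.5,
    "CVE-2024-13744": 8.1, "CVE-0000-0001": 9.8, "CVE-0000-0002": 7.5,
    "CVE-0000-0003": 9.1,
}
KEV: Set[str] = {"CVE-2025-32701", "CVE-2025-13223"}

# Policy thresholds: this example's choice, not an EPSS recommendation.
EPSS_HIGH = 0.5
EPSS_ELEVATED = 0.1


def parse_epss_csv(text: str) -> Dict[str, Tuple[float, float]]:
    """Return {cve: (epss, percentile)}, skipping '#' metadata lines."""
    rows = [line for line in text.splitlines() if not line.startswith("#")]
    reader = csv.DictReader(io.StringIO("\n".join(rows)))
    return {r["cve"]: (float(r["epss"]), float(r["percentile"])) for r in reader}


@dataclass
class Finding:
    cve: str
    cvss: float
    epss: Optional[float]        # None: EPSS has not scored this CVE yet
    percentile: Optional[float]
    in_kev: bool

    def tier(self) -> int:
        """Lower is more urgent. KEV is observed exploitation, so it beats any
        prediction. An unscored CVE is unknown, not safe, so it is reviewed
        (by CVSS) before the low-probability tail."""
        if self.in_kev:
            return 0
        if self.epss is None:
            return 3
        if self.epss >= EPSS_HIGH:
            return 1
        if self.epss >= EPSS_ELEVATED:
            return 2
        return 4


def prioritize(cvss: Dict[str, float], kev: Set[str], epss_csv: str) -> List[Finding]:
    """Rank findings: tier first, then EPSS descending, CVSS only as tiebreaker."""
    scores = parse_epss_csv(epss_csv)
    findings = []
    for cve, base in cvss.items():
        epss, pct = scores.get(cve, (None, None))
        findings.append(Finding(cve, base, epss, pct, cve in kev))
    findings.sort(key=lambda f: (f.tier(), -(f.epss or 0.0), -f.cvss))
    return findings


if __name__ == "__main__":
    for f in prioritize(CVSS, KEV, EPSS_CSV):
        epss = "n/a" if f.epss is None else f"{f.epss:.1%}"
        flag = "KEV" if f.in_kev else ""
        print(f"tier {f.tier()}  {f.cve:<15} EPSS {epss:>6}  CVSS {f.cvss}  {flag}")
```

Run as is, the two KEV entries come out first, the 90% placeholder next, the unscored placeholder after it, and the CVSS 9.8 placeholder at 0.1% EPSS last, which is the ordering the text argues for. To use live data, replace EPSS_CSV with the day's export from FIRST, or fetch individual scores from the public API at https://api.first.org/data/v1/epss?cve=CVE-XXXX-NNNN, and feed KEV membership from CISA's catalog.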

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
