Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 4951 | CVE-2025-31579 | | 45.8th | 9.3 | | This SQL injection vulnerability in the WP AutoKeyword WordPress plugin allows attackers to execute |
| 4952 | CVE-2025-31553 | | 45.8th | 9.3 | | This SQL injection vulnerability in the Advanced WooCommerce Product Sales Reporting WordPress plugi |
| 4953 | CVE-2025-31551 | | 45.8th | 9.3 | | This SQL injection vulnerability in the Salesmate Add-On for Gravity Forms WordPress plugin allows a |
| 4954 | CVE-2025-31531 | | 45.8th | 9.3 | | This SQL injection vulnerability in the History Log by click5 WordPress plugin allows attackers to e |
| 4955 | CVE-2025-30807 | | 45.8th | 9.3 | | This SQL injection vulnerability in the Next-Cart Store to WooCommerce Migration WordPress plugin al |
| 4956 | CVE-2025-30971 | | 45.8th | 9.3 | | This SQL injection vulnerability in the XV Random Quotes WordPress plugin allows attackers to execut |
| 4957 | CVE-2025-30876 | | 45.8th | 9.3 | | This SQL injection vulnerability in the Ads by WPQuads WordPress plugin allows attackers to execute |
| 4958 | CVE-2025-30622 | | 45.8th | 9.3 | | This SQL injection vulnerability in the PostMash WordPress plugin allows attackers to execute arbitr |
| 4959 | CVE-2025-5943 | | 45.7th | 8.8 | | MicroDicom DICOM Viewer has an out-of-bounds write vulnerability that could allow remote attackers t |
| 4960 | CVE-2025-33056 | | 45.7th | 7.5 | | This vulnerability in Microsoft's Local Security Authority Server allows unauthorized attackers to c |
| 4961 | CVE-2025-49840 | | 45.7th | 9.8 | | This vulnerability allows remote code execution through unsafe deserialization in GPT-SoVITS-WebUI. |
| 4962 | CVE-2025-30264 | | 45.7th | 8.8 | | This CVE describes a command injection vulnerability in QNAP operating systems that allows authentic |
| 4963 | CVE-2025-62420 | | 45.8th | 8.8 | | This vulnerability allows authenticated attackers to bypass JDBC driver restrictions in DataEase by |
| 4964 | CVE-2025-58726 | | 45.8th | 7.5 | | An improper access control vulnerability in Windows SMB Server allows authenticated attackers to ele |
| 4965 | CVE-2025-61665 | | 45.8th | 7.5 | | CVE-2025-61665 is a broken access control vulnerability in WeGIA, an open-source web manager for cha |
| 4966 | CVE-2025-15192 | | 45.7th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M920 routers that allows remote a |
| 4967 | CVE-2025-15191 | | 45.7th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M920 routers that allows remote a |
| 4968 | CVE-2025-67744 | | 45.8th | 9.6 | | DeepChat versions before 0.5.3 contain a critical vulnerability where unsafe Mermaid diagram renderi |
| 4969 | CVE-2026-21869 | | 45.7th | 8.8 | | This vulnerability in llama.cpp allows remote attackers to cause memory corruption by sending specia |
| 4970 | CVE-2024-56266 | | 45.6th | 6.3 | | This CVE describes a Missing Authorization vulnerability in the Sonaar Music MP3 Audio Player WordPr |
| 4971 | CVE-2024-12550 | | 45.6th | 7.8 | | This vulnerability in Tungsten Automation Power PDF allows attackers to disclose sensitive informati |
| 4972 | CVE-2025-20637 | | 45.7th | 7.5 | | This vulnerability in MediaTek network hardware allows remote attackers to cause a system hang (deni |
| 4973 | CVE-2025-30361 | | 45.6th | 9.8 | | This vulnerability allows unauthenticated attackers to reset any user's password without verifying t |
| 4974 | CVE-2025-3739 | | 45.6th | 5.9 | | This vulnerability affects the Drupal 8 Google Optimize Hide Page module, allowing attackers to bypa |
| 4975 | CVE-2025-3733 | | 45.6th | 6.5 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in the Drupal baguetteBox.Js module. A |
| 4976 | CVE-2025-3561 | | 45.6th | 4.3 | | This vulnerability in ghostxbh uzy-ssm-mall 1.0.0 allows attackers to perform cross-site request for |
| 4977 | CVE-2025-26335 | | 45.6th | 5.8 | | Dell PowerProtect Cyber Recovery versions before 19.18.0.2 expose sensitive information in sent data |
| 4978 | CVE-2024-53286 | | 45.6th | 7.2 | | This CVE describes an OS command injection vulnerability in Synology Router Manager's DDNS functiona |
| 4979 | CVE-2024-52279 | | 45.6th | 5.3 | | This vulnerability allows attackers to bypass JDBC URL validation in Apache Zeppelin by using URL-en |
| 4980 | CVE-2025-58176 | | 45.6th | 8.8 | | CVE-2025-58176 is a one-click remote code execution vulnerability in Dive MCP Host Desktop Applicati |
| 4981 | CVE-2025-15138 | | 45.7th | 4.7 | | This vulnerability in TinyFileManager allows attackers to perform path traversal attacks by manipula |
| 4982 | CVE-2025-14535 | | 45.6th | 9.8 | | This is a critical buffer overflow vulnerability in UTT 进取 512W routers that allows remote attac |
| 4983 | CVE-2025-60021 | | 45.7th | 9.8 | | This CVE describes a remote command injection vulnerability in Apache bRPC's heap profiler service. |
| 4984 | CVE-2025-23918 | | 45.5th | 9.9 | | CVE-2025-23918 is an arbitrary file upload vulnerability in the Smallerik File Browser WordPress plu |
| 4985 | CVE-2024-24442 | | 45.5th | 7.5 | | A NULL pointer dereference vulnerability in OpenAirInterface's 5G AMF software allows attackers to c |
| 4986 | CVE-2025-22782 | | 45.5th | 9.9 | | This vulnerability allows attackers to upload malicious files to WordPress servers running the WR Pr |
| 4987 | CVE-2024-47897 | | 45.5th | 8.8 | | This vulnerability allows non-privileged user applications to make improper GPU system calls through |
| 4988 | CVE-2025-22739 | | 45.5th | 5.3 | | This CVE describes a missing authorization vulnerability in the LearnPress WordPress plugin that all |
| 4989 | CVE-2025-30830 | | 45.5th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the Hossni Mubarak Cool Author Box WordP |
| 4990 | CVE-2025-30591 | | 45.5th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the Music Press Pro WordPress plugin tha |
| 4991 | CVE-2025-27138 | | 45.5th | 9.8 | | This vulnerability allows attackers to bypass authentication in DataEase, potentially gaining unauth |
| 4992 | CVE-2025-22232 | | 45.5th | 5.3 | | Spring Cloud Config Server may ignore client-provided Vault tokens via X-CONFIG-TOKEN header, causin |
| 4993 | CVE-2025-26480 | | 45.5th | 5.3 | | Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.0 contain an uncontrolled resource consumption |
| 4994 | CVE-2025-31012 | | 45.5th | 5.3 | | This CVE describes a missing authorization vulnerability in the Age Gate WordPress plugin that allow |
| 4995 | CVE-2025-0154 | | 45.5th | 5.3 | | IBM TXSeries for Multiplatforms versions 9.1 and 11.1 have an HTTP header injection vulnerability th |
| 4996 | CVE-2025-27694 | | 45.5th | 5.3 | | Dell Wyse Management Suite versions before 5.1 contain an insufficient resource pool vulnerability t |
| 4997 | CVE-2025-31628 | | 45.5th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the Sliced Invoices WordPress plugin tha |
| 4998 | CVE-2025-31863 | | 45.5th | 5.3 | | This CVE describes a missing authorization vulnerability in the Agency Toolkit WordPress plugin that |
| 4999 | CVE-2025-31786 | | 45.5th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the WordPress Simple Icons plugin that a |
| 5000 | CVE-2025-8184 | | 45.5th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-513 routers allows remote attacke |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.