Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. The EPSS Score column is an absolute probability; the Percentile column is relative, giving the share of all scored CVEs with a lower EPSS score. A 0.06% score at the 19.7th percentile is therefore low in absolute terms but still sits above roughly a fifth of the scored population, because most CVEs are never exploited.

Summary statistics:
- CVEs with EPSS > 50%: 164
- CISA KEV listed: 156
- CVEs with EPSS: 35,468
- Average EPSS score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated) |
|---|---|---|---|---|---|---|
| 5101 | CVE-2025-59240 | 0.06% | 19.7th | 5.5 |  | This vulnerability in Microsoft Office Excel allows an unauthorized local attacker to access sensiti |
| 5102 | CVE-2025-34238 | 0.06% | 19.8th | 6.5 |  | This vulnerability allows authenticated network administrators in Advantech WebAccess/VPN to read ar |
| 5103 | CVE-2025-14434 | 0.06% | 19.8th | 5.3 |  | The Ultimate Post Kit Addons for Elementor WordPress plugin before version 4.0.16 contains an authen |
| 5104 | CVE-2025-65925 | 0.06% | 20th | 6.5 |  | A legacy API in Zeroheight SaaS allowed account creation without email verification. While unverifie |
| 5105 | CVE-2025-66357 | 0.06% | 19.7th | 5.3 |  | The CHOCO TEI WATCHER mini (IB-MCT001) has an improper condition check vulnerability in its Video Do |
| 5106 | CVE-2025-65803 | 0.06% | 19.8th | 6.5 |  | An integer overflow vulnerability in FreeImage's PSD parser allows attackers to cause Denial of Serv |
| 5107 | CVE-2026-2107 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in the yeqifu warehouse software's log in |
| 5108 | CVE-2026-2106 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in the Notice Management component of yeq |
| 5109 | CVE-2026-2105 | 0.06% | 19.8th | 6.3 |  | This CVE-2026-2105 vulnerability allows unauthorized users to manipulate department management funct |
| 5110 | CVE-2025-66469 | 0.06% | 20th | 6.1 |  | NiceGUI versions 3.3.1 and below are vulnerable to Reflected Cross-Site Scripting (XSS) through the |
| 5111 | CVE-2025-53965 | 0.06% | 19.8th | 5.3 |  | A buffer overflow vulnerability in Samsung Exynos processors allows attackers to cause a fatal error |
| 5112 | CVE-2026-2079 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in yeqifu warehouse's menu management fun |
| 5113 | CVE-2026-2078 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in yeqifu warehouse's permission manageme |
| 5114 | CVE-2026-2077 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in yeqifu warehouse's role management fun |
| 5115 | CVE-2026-2076 | 0.06% | 19.8th | 6.3 |  | This CVE describes an improper authorization vulnerability in the yeqifu warehouse user management e |
| 5116 | CVE-2025-13813 | 0.06% | 19.9th | 5.6 |  | This vulnerability in Mogu Blog v2 allows unauthorized access to the storage management endpoint due |
| 5117 | CVE-2025-13725 | 0.06% | 19.9th | 6.5 |  | This vulnerability allows authenticated attackers with Contributor-level WordPress access to read ar |
| 5118 | CVE-2025-49189 | 0.06% | 19.9th | 5.3 |  | This vulnerability involves a session cookie named '@@' being configured without the HttpOnly flag, |
| 5119 | CVE-2025-14352 | 0.06% | 19.8th | 5.3 |  | The Awesome Hotel Booking WordPress plugin has an authorization bypass vulnerability that allows una |
| 5120 | CVE-2024-50692 | 0.06% | 19.4th | 5.4 |  | This vulnerability in SunGrow WiNet-S inverters allows attackers to send arbitrary commands to inver |
| 5121 | CVE-2024-6437 | 0.06% | 19.7th | 5.8 |  | This vulnerability affects Arista EOS devices configured with policy-based routing, BGP Flowspec, or |
| 5122 | CVE-2025-0200 | 0.06% | 19.5th | 6.3 |  | This critical SQL injection vulnerability in code-projects Point of Sales and Inventory Management S |
| 5123 | CVE-2020-6158 | 0.06% | 19.5th | 4.7 |  | CVE-2020-6158 is an address bar spoofing vulnerability in Opera Mini for Android that allows malicio |
| 5124 | CVE-2025-27100 | 0.06% | 19.5th | 6.5 |  | An authenticated denial-of-service vulnerability in lakeFS allows authenticated users to crash the s |
| 5125 | CVE-2025-23406 | 0.06% | 19.4th | 5.3 |  | An out-of-bounds read vulnerability in Cente middleware TCP/IP Network Series allows attackers to cr |
| 5126 | CVE-2025-22936 | 0.06% | 19.4th | 5.7 |  | This vulnerability allows remote attackers to obtain the default WiFi password on affected Smartcom |
| 5127 | CVE-2023-53008 | 0.06% | 19.5th | 5.5 |  | This CVE describes a memory leak vulnerability in the Linux kernel's CIFS (Common Internet File Syst |
| 5128 | CVE-2023-52997 | 0.06% | 19.5th | 5.5 |  | This CVE describes a Spectre v1 vulnerability in the Linux kernel's ip_metrics_convert() function wh |
| 5129 | CVE-2023-52989 | 0.06% | 19.5th | 5.5 |  | This CVE describes a memory leak vulnerability in the Linux kernel's FireWire subsystem affecting ve |
| 5130 | CVE-2022-49751 | 0.06% | 19.5th | 5.5 |  | This is a race condition vulnerability in the Linux kernel's w1 subsystem (1-Wire bus master) that c |
| 5131 | CVE-2024-7045 | 0.06% | 19.5th | 4.3 |  | This vulnerability in open-webui v0.3.8 allows attackers to bypass access controls and view all prom |
| 5132 | CVE-2024-10719 | 0.06% | 19.4th | 5.4 |  | A stored cross-site scripting (XSS) vulnerability in phpipam version 1.5.2 allows attackers to injec |
| 5133 | CVE-2025-21861 | 0.06% | 19.5th | 5.5 |  | A use-after-free vulnerability in the Linux kernel's memory migration subsystem where folios (memory |
| 5134 | CVE-2025-27579 | 0.06% | 19.5th | 5.4 |  | This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Bitaxe ESP-Miner with AxeOS |
| 5135 | CVE-2025-39367 | 0.06% | 19.6th | 5.3 |  | This CVE describes a Missing Authorization vulnerability in the Kleo WordPress theme that allows una |
| 5136 | CVE-2025-46489 | 0.06% | 19.5th | 5.3 |  | This CVE describes a missing authorization vulnerability in the Bulk Assign Linked Products For WooC |
| 5137 | CVE-2025-39989 | 0.06% | 19.4th | 5.5 |  | This Linux kernel vulnerability (CVE-2025-39989) causes improper handling of memory errors during co |
| 5138 | CVE-2025-38240 | 0.06% | 19.4th | 5.5 |  | This vulnerability is a NULL pointer dereference in the Linux kernel's MediaTek DisplayPort driver. |
| 5139 | CVE-2025-37893 | 0.06% | 19.4th | 5.5 |  | A Linux kernel vulnerability in the LoongArch BPF JIT compiler causes an off-by-one error in build_p |
| 5140 | CVE-2020-36789 | 0.06% | 19.5th | 5.5 |  | This Linux kernel vulnerability in the CAN network subsystem could cause a kernel warning or potenti |
| 5141 | CVE-2025-22064 | 0.06% | 19.4th | 5.5 |  | A Linux kernel vulnerability in the netfilter nf_tables subsystem where error handling incorrectly u |
| 5142 | CVE-2025-22043 | 0.06% | 19.4th | 5.5 |  | This CVE addresses a missing bounds check in the Linux kernel's ksmbd (SMB server) durable handle co |
| 5143 | CVE-2025-22028 | 0.06% | 19.4th | 5.5 |  | A race condition vulnerability in the Linux kernel's vimc media driver allows improper handling of s |
| 5144 | CVE-2025-29917 | 0.06% | 19.5th | 6.2 |  | Suricata's decode_base64 keyword has insufficient memory allocation limits, allowing attackers to tr |
| 5145 | CVE-2025-22013 | 0.06% | 19.5th | 5.5 |  | A Linux kernel vulnerability in KVM for ARM64 systems allows improper handling of host floating-poin |
| 5146 | CVE-2025-21938 | 0.06% | 19.4th | 4.7 |  | A race condition in the Linux kernel's MPTCP implementation can cause a 'scheduling while atomic' ke |
| 5147 | CVE-2025-48202 | 0.06% | 19.6th | 5.3 |  | The femanager extension for TYPO3 contains an Insecure Direct Object Reference vulnerability that al |
| 5148 | CVE-2025-48414 | 0.06% | 19.6th | 6.5 |  | This vulnerability allows attackers to access administrative/debug scripts in the web interface usin |
| 5149 | CVE-2025-22254 | 0.06% | 19.5th | 6.6 |  | This CVE describes an improper privilege management vulnerability in multiple Fortinet products wher |
| 5150 | CVE-2025-45731 | 0.06% | 19.6th | 6.5 |  | A race condition in 2FAuth v5.5.0 allows data inconsistencies and orphaned accounts when a group is |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first. Scores are recalculated daily as new exploitation evidence arrives, so a ranking like the one above is a snapshot and should be refreshed rather than cached.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. Two caveats apply in practice: EPSS knows nothing about your environment, so a low-EPSS CVE on an internet-facing asset that holds sensitive data can still deserve priority; and a CISA KEV listing is evidence of exploitation that has already happened, so it should outrank any prediction.
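One way to turn that rule of thumb into a repeatable ordering, as an added example that is not code from this page, from FIRST.org or from any vendor tool. It assumes findings carry the same fields as the table above, treats the CISA KEV flag as the strongest signal, then EPSS above a threshold, then CVSS. The parser expects the JSON shape returned by the public EPSS API at https://api.first.org/data/v1/epss (numbers delivered as strings inside a `data` array); the API body and the scan results below are constructed, not fetched, and the `CVE-0000-*` identifiers are placeholders.

```python
"""Combine EPSS (likelihood), CVSS (severity) and CISA KEV to order patching.

Added example, not code from this page or from FIRST.org. Assumptions:
  * a Finding mirrors the table columns above, with EPSS and percentile as 0..1 fractions;
  * an EPSS API body looks like {"data": [{"cve": ..., "epss": "0.00060", "percentile": "0.197"}]}
    with the numbers as strings (the api.first.org shape); the body used here is constructed.
"""
from __future__ import annotations

import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    epss: float          # probability of exploitation in the next 30 days, 0.0..1.0
    percentile: float    # share of scored CVEs with a lower EPSS score, 0.0..1.0
    kev: bool = False    # listed in CISA's Known Exploited Vulnerabilities catalogue


def parse_epss_response(body: str) -> dict[str, tuple[float, float]]:
    """Map CVE id -> (epss, percentile) from an EPSS API JSON body.

    The API returns the numbers as strings, so convert explicitly; a missing or
    out-of-range field is an error rather than a silently zero score.
    """
    doc = json.loads(body)
    out: dict[str, tuple[float, float]] = {}
    for row in doc.get("data", []):
        epss, pct = float(row["epss"]), float(row["percentile"])
        if not (0.0 <= epss <= 1.0 and 0.0 <= pct <= 1.0):
            raise ValueError(f"out-of-range EPSS data for {row.get('cve')}")
        out[row["cve"]] = (epss, pct)
    return out


def tier(f: Finding, epss_threshold: float = 0.10) -> int:
    """Lower tier = patch sooner. KEV membership is evidence of real exploitation, so it
    outranks any prediction; then likely-exploited CVEs; then severity on its own."""
    if f.kev:
        return 0
    if f.epss >= epss_threshold:
        return 1
    if f.cvss >= 9.0:
        return 2   # critical on paper but unlikely to be exploited: schedule it, do not drop it
    return 3


def prioritize(findings: list[Finding], epss_threshold: float = 0.10) -> list[Finding]:
    """Order by tier, then EPSS descending, then CVSS descending."""
    return sorted(findings, key=lambda f: (tier(f, epss_threshold), -f.epss, -f.cvss))


def summarize(findings: list[Finding]) -> dict[str, float]:
    """The four figures shown at the top of the page, computed over a finding list."""
    n = len(findings)
    return {
        "epss_over_50pct": sum(f.epss > 0.5 for f in findings),
        "kev_listed": sum(f.kev for f in findings),
        "cves_with_epss": n,
        "avg_epss": (sum(f.epss for f in findings) / n) if n else 0.0,
    }


def build_findings(scan: dict[str, tuple[float, bool]], epss_body: str) -> list[Finding]:
    """Join scanner CVSS/KEV data with EPSS scores; a CVE absent from EPSS gets 0.0, not dropped."""
    scores = parse_epss_response(epss_body)
    return [Finding(cve, cvss, *scores.get(cve, (0.0, 0.0)), kev=kev)
            for cve, (cvss, kev) in scan.items()]


# Constructed EPSS API body: the first entry mirrors row 5101 of the table above; the other
# two are the page's hypothetical 9.8/0.1% and 7.5/90% pair under placeholder ids.
SAMPLE_EPSS_BODY = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-59240", "epss": "0.00060", "percentile": "0.19700", "date": "2026-01-01"},
        {"cve": "CVE-0000-0001", "epss": "0.00100", "percentile": "0.25000", "date": "2026-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.90000", "percentile": "0.99800", "date": "2026-01-01"},
    ],
})

# Constructed scan output: cve -> (cvss, kev). The KEV entry is a placeholder with no EPSS row.
SAMPLE_SCAN = {"CVE-2025-59240": (5.5, False), "CVE-0000-0001": (9.8, False),
               "CVE-0000-0002": (7.5, False), "CVE-0000-0003": (6.5, True)}


if __name__ == "__main__":
    for f in prioritize(build_findings(SAMPLE_SCAN, SAMPLE_EPSS_BODY)):
        print(f"tier {tier(f)}  {f.cve:15} EPSS {f.epss:7.2%}  pct {f.percentile:6.1%}  CVSS {f.cvss}  KEV={f.kev}")
```

Run as-is, the KEV placeholder comes out first, the 90% EPSS finding second, the CVSS 9.8 / 0.1% finding third and the table's row 5101 last. The 10% threshold in `tier` is a starting point rather than a standard; tune it against your own patch capacity, and treat any CVE with no EPSS row as unscored rather than safe.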

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
