Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 5251 | CVE-2025-14837 | | 19.3th | 4.7 | | This vulnerability in ZZCMS 2025 allows remote attackers to inject malicious code through the 'icp' |
| 5252 | CVE-2025-36140 | | 19.3th | 6.5 | | This vulnerability in IBM watsonx.data allows authenticated users to cause denial of service by exha |
| 5253 | CVE-2025-63872 | | 19.3th | 6.1 | | DeepSeek V3.2 contains an XSS vulnerability where malicious JavaScript can be executed through SVG c |
| 5254 | CVE-2026-24130 | | 19.2th | 5.3 | | Moonraker versions 0.9.3 and below with LDAP enabled are vulnerable to LDAP injection attacks throug |
| 5255 | CVE-2026-24903 | | 19.2th | 5.4 | | A stored cross-site scripting (XSS) vulnerability in OrcaStatLLM Researcher allows attackers to inje |
| 5256 | CVE-2026-23528 | | 19.2th | 6.1 | | This cross-site scripting (XSS) vulnerability in Dask distributed allows attackers to craft maliciou |
| 5257 | CVE-2025-67083 | | 19.2th | 5.3 | | CVE-2025-67083 is a directory traversal vulnerability in InvoicePlane that allows unauthenticated at |
| 5258 | CVE-2026-20828 | | 19.2th | 4.6 | | This vulnerability allows an unauthorized attacker with physical access to a Windows system to read |
| 5259 | CVE-2025-20938 | | 19.2th | 5.5 | | An improper access control vulnerability in SamsungContacts allows local attackers to bypass protect |
| 5260 | CVE-2025-0746 | | 19th | 6.1 | | A reflected cross-site scripting vulnerability in EmbedAI versions 2.1 and below allows authenticate |
| 5261 | CVE-2025-0750 | | 19.1th | 6.6 | | A path traversal vulnerability in CRI-O's log management functions (UnMountPodLogs and LinkContainer |
| 5262 | CVE-2024-0147 | | 18.9th | 5.5 | | This CVE describes a use-after-free vulnerability in NVIDIA GPU display drivers for Windows and Linu |
| 5263 | CVE-2024-54550 | | 19.1th | 4.0 | | This vulnerability allows applications to access autocompleted contact information from Messages and |
| 5264 | CVE-2024-54547 | | 18.8th | 5.5 | | This vulnerability in macOS allows applications to bypass security checks and access protected user |
| 5265 | CVE-2024-54539 | | 18.8th | 5.5 | | This vulnerability allows an application to capture keyboard events from the macOS lock screen, pote |
| 5266 | CVE-2025-0705 | | 19th | 4.3 | | This CVE describes an open redirect vulnerability in JoeyBling bootplus software. Attackers can mani |
| 5267 | CVE-2025-21497 | | 19th | 5.5 | | This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers |
| 5268 | CVE-2025-22131 | | 19.1th | 6.1 | | CVE-2025-22131 is a Cross-Site Scripting (XSS) vulnerability in PhpSpreadsheet that occurs when conv |
| 5269 | CVE-2025-21653 | | 18.9th | 5.5 | | A Linux kernel vulnerability in the net_sched subsystem allows unvalidated right shift operations on |
| 5270 | CVE-2024-36751 | | 19.1th | 6.5 | | This vulnerability in parse-uri v1.0.9 allows attackers to cause a Denial of Service (DoS) by sendin |
| 5271 | CVE-2025-27408 | | 19.1th | 4.8 | | Manifest micro back end versions before 4.9.2 use unsalted SHA3 hashing for passwords, making stored |
| 5272 | CVE-2024-13494 | | 18.8th | 4.3 | | This CSRF vulnerability in WordPress File Upload plugin allows attackers to modify user data details |
| 5273 | CVE-2024-56882 | | 18.9th | 5.4 | | Sage DPW versions before 2024_12_000 contain a stored cross-site scripting (XSS) vulnerability in th |
| 5274 | CVE-2024-13769 | | 19th | 6.4 | | This vulnerability allows authenticated attackers with Subscriber-level access or higher to inject m |
| 5275 | CVE-2024-57961 | | 19th | 6.8 | | This CVE describes an out-of-bounds write vulnerability in the emcom module of Huawei devices. Succe |
| 5276 | CVE-2024-57957 | | 18.8th | 6.6 | | This vulnerability involves improper log information control in Huawei's UI framework module, allowi |
| 5277 | CVE-2025-27624 | | 19th | 5.4 | | This CSRF vulnerability in Jenkins allows attackers to trick authenticated users into toggling the c |
| 5278 | CVE-2025-3966 | | 19.1th | 4.3 | | This vulnerability in paicoding 1.0.3 allows unauthorized users to view other users' browsing histor |
| 5279 | CVE-2025-46574 | | 19.1th | 4.1 | | An information disclosure vulnerability in GoldenDB database allows attackers to extract sensitive s |
| 5280 | CVE-2025-23135 | | 19th | 5.5 | | A race condition in the Linux kernel's RISC-V KVM module causes improper cleanup during module remov |
| 5281 | CVE-2025-23130 | | 19th | 5.5 | | A race condition vulnerability in the Linux kernel's F2FS filesystem can cause a kernel panic when c |
| 5282 | CVE-2025-22101 | | 19th | 5.5 | | A vulnerability in the Linux kernel's libwx networking module causes Tx ring hangs when non-TCP/UDP/ |
| 5283 | CVE-2025-5033 | | 19.1th | 4.3 | | This CSRF vulnerability in TeaCMS 2.0.2 allows attackers to trick authenticated administrators into |
| 5284 | CVE-2025-39482 | | 18.9th | 4.3 | | CVE-2025-39482 is a missing authorization vulnerability in the Eventer WordPress plugin that allows |
| 5285 | CVE-2024-9879 | | 18.9th | 5.4 | | This vulnerability allows WordPress administrators to perform SQL injection attacks through the Mela |
| 5286 | CVE-2025-6762 | | 19th | 6.3 | | This critical vulnerability in diyhi bbs allows remote attackers to perform server-side request forg |
| 5287 | CVE-2025-6429 | | 18.9th | 6.5 | | Firefox incorrectly parses URLs in embed tags, rewriting them to youtube.com and bypassing website s |
| 5288 | CVE-2025-6453 | | 18.9th | 6.3 | | A critical path traversal vulnerability in diyhi bbs 6.8 allows remote attackers to manipulate direc |
| 5289 | CVE-2025-6341 | | 19th | 4.3 | | This CSRF vulnerability in School Fees Payment System 1.0 allows attackers to trick authenticated us |
| 5290 | CVE-2025-54765 | | 19th | 5.3 | | This vulnerability allows authenticated read-only users to access an administrative API endpoint for |
| 5291 | CVE-2025-8648 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5292 | CVE-2025-8647 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5293 | CVE-2025-8646 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5294 | CVE-2025-8645 | | 18.9th | 6.8 | | This CVE describes a command injection vulnerability in Kenwood DMX958XR firmware update process tha |
| 5295 | CVE-2025-8644 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5296 | CVE-2025-8643 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5297 | CVE-2025-8642 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5298 | CVE-2025-8641 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5299 | CVE-2025-8640 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
| 5300 | CVE-2025-8639 | | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.