Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
5301 | CVE-2025-8638 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5302 | CVE-2025-8637 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5303 | CVE-2025-8636 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5304 | CVE-2025-8635 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5305 | CVE-2025-8634 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5306 | CVE-2025-8633 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5307 | CVE-2025-8632 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5308 | CVE-2025-8631 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5309 | CVE-2025-8630 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5310 | CVE-2025-8629 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5311 | CVE-2025-8628 | 0.06% | 18.9th | 6.8 | | This vulnerability allows physically present attackers to execute arbitrary code with root privilege
5312 | CVE-2024-45183 | 0.06% | 18.8th | 6.5 | | This vulnerability in Samsung Exynos mobile processors allows attackers to write data beyond allocat
5313 | CVE-2025-57877 | 0.06% | 19th | 4.8 | | A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS allows remote authent
5314 | CVE-2025-57876 | 0.06% | 19th | 4.8 | | A stored cross-site scripting vulnerability in Esri Portal for ArcGIS 11.4 and earlier allows authen
5315 | CVE-2025-57875 | 0.06% | 19th | 4.8 | | A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS allows remote authent
5316 | CVE-2025-57874 | 0.06% | 19th | 4.8 | | A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS versions 11.4 and bel
5317 | CVE-2025-57873 | 0.06% | 19th | 4.8 | | A reflected cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS versions 11.4 and bel
5318 | CVE-2025-46150 | 0.06% | 19.1th | 5.3 | | This CVE describes a vulnerability in PyTorch's torch.compile feature where FractionalMaxPool2d prod
5319 | CVE-2025-59433 | 0.06% | 18.8th | 5.3 | | CVE-2025-59433 is an argument injection vulnerability in @conventional-changelog/git-client's getTag
5320 | CVE-2025-57203 | 0.06% | 18.8th | 4.8 | | MagicProject AI version 9.1 has a stored XSS vulnerability in its chatbot generation feature that al
5321 | CVE-2025-59577 | 0.06% | 18.9th | 4.3 | | A race condition vulnerability in MasterStudy LMS WordPress plugin allows attackers to exploit impro
5322 | CVE-2025-10305 | 0.06% | 18.9th | 5.3 | | The Secure Passkeys WordPress plugin has an authorization vulnerability that allows authenticated us
5323 | CVE-2025-12249 | 0.06% | 19th | 6.3 | | This CSV injection vulnerability in Axosoft Scrum and Bug Tracking allows attackers to inject malici
5324 | CVE-2025-10740 | 0.06% | 18.9th | 6.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to mo
5325 | CVE-2025-61532 | 0.06% | 18.9th | 6.1 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in SVX Portal versions 2.7A through 2.
5326 | CVE-2025-20361 | 0.06% | 19th | 4.8 | | An authenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager we
5327 | CVE-2025-54320 | 0.06% | 18.9th | 4.3 | | Ascertia SigningHub versions through 8.6.8 have an email bombing vulnerability in the invite user fu
5328 | CVE-2025-13268 | 0.06% | 19th | 6.3 | | This vulnerability allows remote attackers to execute injection attacks through the JDBC URL handler
5329 | CVE-2025-13266 | 0.06% | 18.9th | 5.3 | | This CVE describes a path traversal vulnerability in wwwlike vlife software up to version 2.0.1. Att
5330 | CVE-2025-24847 | 0.06% | 19.1th | 4.5 | | This vulnerability in Intel CIP software allows unprivileged software combined with a privileged use
5331 | CVE-2025-12677 | 0.06% | 19.1th | 5.3 | | The KiotViet Sync WordPress plugin exposes webhook tokens to unauthenticated attackers through an AP
5332 | CVE-2025-35021 | 0.06% | 18.9th | 6.5 | | This vulnerability allows attackers to bypass SSH authentication on unconfigured Abilis CPX devices
5333 | CVE-2025-12626 | 0.06% | 19th | 4.3 | | This CVE describes a path traversal vulnerability in jeecgboot jeewx-boot that allows attackers to m
5334 | CVE-2025-14178 | 0.06% | 19.1th | 6.5 | | A heap buffer overflow vulnerability in PHP's array_merge() function allows memory corruption when m
5335 | CVE-2025-34435 | 0.06% | 18.9th | 6.5 | | AVideo versions before 20.1 contain an insecure direct object reference (IDOR) vulnerability that al
5336 | CVE-2025-14747 | 0.06% | 18.9th | 4.3 | | This vulnerability allows an attacker on the local network to send a malformed RTSP Describe request
5337 | CVE-2025-14731 | 0.06% | 19th | 6.3 | | This vulnerability in CTCMS Content Management System allows remote attackers to execute template in
5338 | CVE-2025-40831 | 0.06% | 19.1th | 6.5 | | A vulnerability in SINEC Security Monitor allows authenticated low-privileged attackers to cause den
5339 | CVE-2025-14116 | 0.06% | 18.8th | 4.7 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in xerrors Yuxi-Know software
5340 | CVE-2025-11379 | 0.06% | 19.1th | 5.3 | | The WebP Express WordPress plugin exposes configuration data through predictable config file names o
5341 | CVE-2025-55181 | 0.06% | 19.1th | 5.3 | | This vulnerability in Proxygen's HTTPQuicCoroSession allows an attacker to trigger an infinite loop
5342 | CVE-2025-13696 | 0.06% | 18.8th | 5.3 | | The Zigaform WordPress plugin exposes sensitive form submission data through an unauthenticated AJAX
5343 | CVE-2026-1431 | 0.06% | 19.1th | 5.3 | | The Booking Calendar plugin for WordPress has an authorization vulnerability that allows unauthentic
5344 | CVE-2025-15525 | 0.06% | 19.1th | 5.3 | | The Ajax Load More WordPress plugin has an authorization vulnerability that allows unauthenticated a
5345 | CVE-2025-12825 | 0.06% | 19.1th | 5.3 | | The User Registration Using Contact Form 7 WordPress plugin has an authorization bypass vulnerabilit
5346 | CVE-2025-27455 | 0.06% | 18.8th | 4.3 | | This clickjacking vulnerability allows attackers to embed the web application in malicious frames, t
5347 | CVE-2025-49192 | 0.06% | 18.8th | 4.3 | | This clickjacking vulnerability allows attackers to embed the vulnerable web application in an invis
5348 | CVE-2026-1004 | 0.06% | 18.9th | 5.3 | | The Essential Addons for Elementor WordPress plugin exposes draft, pending, and private WooCommerce
5349 | CVE-2026-20969 | 0.06% | 18.9th | 5.5 | | An improper input validation vulnerability in Samsung's SecSettings component allows local attackers
5350 | CVE-2026-21695 | 0.06% | 19th | 4.3 | | This CVE describes a Mass Assignment vulnerability in Titra time tracking software that allows authe

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high-severity CVSS 7.5 vulnerability with a 90% EPSS score.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
