Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
---- | ------ | ---------- | ---------- | ---- | ----- | -------
5401 | CVE-2024-13719 | 0.21% | 43.1 | 5.3 | | The PeproDev Ultimate Invoice WordPress plugin has an Insecure Direct Object Reference vulnerability
5402 | CVE-2024-46910 | 0.21% | 43.2 | 7.1 | | An authenticated user in Apache Atlas can inject malicious scripts (XSS) that execute in other users
5403 | CVE-2025-27103 | 0.21% | 43.1 | 6.5 | | This vulnerability allows authenticated users in DataEase to bypass a previous security patch and re
5404 | CVE-2025-28872 | 0.21% | 43.1 | 5.3 | | This CVE describes a missing authorization vulnerability in the WordPress plugin Block Spam By Math
5405 | CVE-2023-52969 | 0.21% | 43.2 | 4.9 | | This vulnerability in MariaDB Server can cause the database to crash under certain conditions, poten
5406 | CVE-2025-45020 | 0.21% | 43.1 | 7.2 | | This SQL injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote a
5407 | CVE-2024-42699 | 0.21% | 43.1 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS 17.0 allows remote attackers
5408 | CVE-2025-5863 | 0.21% | 43.2 | 8.8 | | This critical vulnerability in Tenda AC5 routers allows remote attackers to execute arbitrary code v
5409 | CVE-2025-5855 | 0.21% | 43.2 | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC6 routers allows remote attackers to
5410 | CVE-2025-5685 | 0.21% | 43.2 | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda CH22 routers allows remote attackers t
5411 | CVE-2025-48957 | 0.21% | 43.2 | 7.5 | | A path traversal vulnerability in AstrBot versions 3.4.4 through 3.5.12 allows attackers to access s
5412 | CVE-2025-9581 | 0.21% | 43.2 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on Comfast CF-N1 routers by
5413 | CVE-2025-25737 | 0.21% | 43.1 | 6.8 | | This vulnerability allows attackers to bypass authentication on Kapsch TrafficCom RIS-9160 and RIS-9
5414 | CVE-2025-64109 | 0.21% | 43.1 | 8.8 | | This vulnerability allows remote code execution in Cursor CLI Beta when a user clones a malicious Gi
5415 | CVE-2023-45104 | 0.21% | 43 | 7.3 | | This CVE describes a missing authorization vulnerability in the WordPress BetterLinks plugin that al
5416 | CVE-2025-25039 | 0.21% | 43 | 4.7 | | This vulnerability in HPE Aruba ClearPass Policy Manager allows authenticated remote attackers to ex
5417 | CVE-2025-1014 | 0.21% | 43 | 8.8 | | A certificate validation vulnerability in Mozilla products allows improper certificate length checki
5418 | CVE-2024-12171 | 0.21% | 43 | 8.8 | | The ELEX WordPress HelpDesk & Customer Ticketing System plugin has a privilege escalation vulnerabil
5419 | CVE-2025-2840 | 0.21% | 43 | 5.3 | | The DAP to Autoresponders Email Syncing WordPress plugin exposes sensitive server information throug
5420 | CVE-2025-3986 | 0.21% | 43 | 4.3 | | This vulnerability in Apereo CAS 5.2.6 involves inefficient regular expression complexity in the Cas
5421 | CVE-2025-3531 | 0.21% | 43 | 4.3 | | This vulnerability allows attackers to inject malicious scripts into YouDianCMS admin interface thro
5422 | CVE-2025-2881 | 0.21% | 43 | 5.3 | | The Developer Toolbar WordPress plugin exposes sensitive server information through a publicly acces
5423 | CVE-2025-23186 | 0.21% | 43 | 8.5 | | This vulnerability in SAP NetWeaver Application Server ABAP allows authenticated attackers to craft
5424 | CVE-2025-31420 | 0.21% | 43 | 7.6 | | This vulnerability allows attackers to escalate privileges in wpForo Forum, potentially granting una
5425 | CVE-2025-30393 | 0.21% | 43 | 7.8 | | This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows
5426 | CVE-2025-30379 | 0.21% | 43 | 7.8 | | This vulnerability in Microsoft Office Excel involves the release of an invalid pointer or reference
5427 | CVE-2025-29979 | 0.21% | 43 | 7.8 | | A heap-based buffer overflow vulnerability in Microsoft Office Excel allows attackers to execute arb
5428 | CVE-2025-29977 | 0.21% | 43 | 7.8 | | A use-after-free vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code
5429 | CVE-2025-31240 | 0.21% | 43 | 7.5 | | A vulnerability in macOS AFP network share mounting allows attackers to cause system termination (ke
5430 | CVE-2025-40624 | 0.21% | 43 | 9.8 | | An unauthenticated SQL injection vulnerability in TCMAN's GIM v11 allows attackers to execute arbitr
5431 | CVE-2025-40622 | 0.21% | 43 | 9.8 | | This is a critical SQL injection vulnerability in TCMAN's GIM v11 software that allows unauthenticat
5432 | CVE-2025-40620 | 0.21% | 43 | 9.8 | | This is a critical SQL injection vulnerability in TCMAN's GIM v11 software that allows unauthenticat
5433 | CVE-2025-7853 | 0.21% | 43 | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
5434 | CVE-2025-7505 | 0.21% | 43 | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
5435 | CVE-2025-8832 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5436 | CVE-2025-8831 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in the remote management function of Linksys RE series r
5437 | CVE-2025-8826 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5438 | CVE-2025-8824 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5439 | CVE-2025-8822 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5440 | CVE-2025-8819 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5441 | CVE-2025-8817 | 0.21% | 43 | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
5442 | CVE-2025-8815 | 0.21% | 43 | 7.3 | | This critical vulnerability in 猫宁i Morning allows remote attackers to perform path traversal att
5443 | CVE-2025-8014 | 0.21% | 43 | 7.5 | | This CVE describes a GraphQL query complexity bypass vulnerability in GitLab EE/CE that allows unaut
5444 | CVE-2025-59531 | 0.21% | 43.1 | 7.5 | | Argo CD versions 1.2.0 through 3.2.0-rc1 contain a vulnerability where unauthenticated API requests
5445 | CVE-2025-52186 | 0.21% | 43 | 6.5 | | This SSRF vulnerability in Lichess lila allows remote attackers to force the server to make HTTP req
5446 | CVE-2025-24588 | 0.21% | 42.9 | 6.5 | | This CVE describes a missing authorization vulnerability in the Patreon WordPress plugin that allows
5447 | CVE-2025-23886 | 0.21% | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Annie WordPress plugin allows attackers
5448 | CVE-2025-23876 | 0.21% | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WP krpano WordPress plugin allows attack
5449 | CVE-2025-23873 | 0.21% | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Category D3 Tree WordPress plugin allows
5450 | CVE-2025-23868 | 0.21% | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Chess Tempo Viewer WordPress plugin allo

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
