Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in CISA KEV
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 5551 | CVE-2025-3238 | 0.2% | 42.4 | 7.3 | | A critical SQL injection vulnerability exists in PHPGurukul Online Fire Reporting System 1.2, specif |
| 5552 | CVE-2025-3231 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Zoo Management System 2.1 allows remote atta |
| 5553 | CVE-2025-3220 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul e-Diary Management System 1.0 allows remote |
| 5554 | CVE-2025-3213 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul e-Diary Management System 1.0 allows attacke |
| 5555 | CVE-2025-3195 | 0.2% | 42.4 | 7.3 | | A critical SQL injection vulnerability in itsourcecode Online Blood Bank Management System 1.0 allow |
| 5556 | CVE-2025-3188 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul e-Diary Management System 1.0 allows attacke |
| 5557 | CVE-2025-3168 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Time Table Generator System 1.0 allows remot |
| 5558 | CVE-2025-3151 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in SourceCodester Gym Management System 1.0 allows attacke |
| 5559 | CVE-2025-3137 | 0.2% | 42.4 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Online Security Guards Hiring System 1.0 all |
| 5560 | CVE-2025-23173 | 0.2% | 42.4 | 7.5 | | This vulnerability in Versa Director SD-WAN orchestration platform exposes the websockify service on |
| 5561 | CVE-2025-3466 | 0.2% | 42.4 | 7.2 | | CVE-2025-3466 is a critical vulnerability in langgenius/dify versions 1.1.0 to 1.1.2 that allows att |
| 5562 | CVE-2025-9579 | 0.2% | 42.4 | 6.3 | | This CVE describes an OS command injection vulnerability in LB-LINK BL-X26 routers version 1.2.8. At |
| 5563 | CVE-2025-34192 | 0.2% | 42.4 | 9.8 | | This vulnerability affects Vasion Print (formerly PrinterLogic) deployments using outdated OpenSSL 1 |
| 5564 | CVE-2025-58587 | 0.2% | 42.4 | 6.5 | | This vulnerability allows attackers to perform brute-force attacks against authentication systems by |
| 5565 | CVE-2025-21284 | 0.2% | 42.3 | 5.5 | | This vulnerability in Windows Virtual Trusted Platform Module allows attackers to cause a denial of |
| 5566 | CVE-2024-12473 | 0.2% | 42.3 | 6.5 | | This SQL injection vulnerability in the AI Scribe WordPress plugin allows authenticated attackers wi |
| 5567 | CVE-2022-41572 | 0.2% | 42.3 | 9.8 | | CVE-2022-41572 is a privilege escalation vulnerability in EyesOfNetwork (EON) where nmap can be exec |
| 5568 | CVE-2025-24690 | 0.2% | 42.3 | 8.1 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 5569 | CVE-2025-23952 | 0.2% | 42.3 | 8.1 | | This vulnerability allows attackers to include local files on the server through the WordPress custo |
| 5570 | CVE-2025-23937 | 0.2% | 42.3 | 8.1 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 5571 | CVE-2024-44866 | 0.2% | 42.3 | 6.8 | | A buffer overflow vulnerability in MuseScore Studio's GuitarPro file parser allows attackers to exec |
| 5572 | CVE-2024-49559 | 0.2% | 42.3 | 8.8 | | Dell SmartFabric OS10 Software contains a default password vulnerability that allows low-privileged |
| 5573 | CVE-2025-3661 | 0.2% | 42.3 | 6.4 | | The SB Chart block plugin for WordPress has a stored cross-site scripting vulnerability that allows |
| 5574 | CVE-2025-31120 | 0.2% | 42.3 | 5.3 | | This vulnerability allows unauthenticated attackers to artificially inflate forum view counts in Nam |
| 5575 | CVE-2025-3106 | 0.2% | 42.3 | 6.4 | | The LA-Studio Element Kit for Elementor WordPress plugin has a stored XSS vulnerability in its Table |
| 5576 | CVE-2025-3615 | 0.2% | 42.3 | 6.4 | | The Fluent Forms WordPress plugin has a stored cross-site scripting (XSS) vulnerability that allows |
| 5577 | CVE-2025-2083 | 0.2% | 42.3 | 6.4 | | The Logo Carousel Gutenberg Block WordPress plugin has a stored XSS vulnerability in versions up to |
| 5578 | CVE-2025-32996 | 0.2% | 42.3 | 4.0 | | This vulnerability in http-proxy-middleware allows writeBody to be called twice due to a missing 'el |
| 5579 | CVE-2025-29208 | 0.2% | 42.3 | 6.5 | | CodeZips Gym Management System v1.0 contains a SQL injection vulnerability in the name parameter of |
| 5580 | CVE-2025-31257 | 0.2% | 42.3 | 4.7 | | This CVE describes a memory handling vulnerability in Apple's WebKit browser engine that could cause |
| 5581 | CVE-2025-5868 | 0.2% | 42.3 | 8.0 | | This critical vulnerability in RT-Thread 5.1.0 allows improper array index validation in the sys_thr |
| 5582 | CVE-2025-6740 | 0.2% | 42.3 | 6.1 | | The Contact Form 7 Database Addon plugin for WordPress has a stored cross-site scripting vulnerabili |
| 5583 | CVE-2025-44010 | 0.2% | 42.3 | 6.5 | | A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to c |
| 5584 | CVE-2025-44008 | 0.2% | 42.3 | 6.5 | | A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to c |
| 5585 | CVE-2025-41726 | 0.2% | 42.3 | 8.8 | | A low-privileged remote attacker can execute arbitrary code by sending specially crafted calls to th |
| 5586 | CVE-2026-22793 | 0.2% | 42.2 | 9.6 | | CVE-2026-22793 is an unsafe option parsing vulnerability in the ECharts Markdown plugin of the 5ire |
| 5587 | CVE-2025-22219 | 0.2% | 42.2 | 6.8 | | VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability that allows aut |
| 5588 | CVE-2024-57328 | 0.2% | 42.1 | 9.8 | | This SQL injection vulnerability in Online Food Ordering System v1.0 allows attackers to bypass auth |
| 5589 | CVE-2025-23878 | 0.2% | 42.1 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Post-to-Post Links plugin allo |
| 5590 | CVE-2025-23854 | 0.2% | 42.1 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in YesStreaming.com's Shoutcast and Icecast HTM |
| 5591 | CVE-2025-23779 | 0.2% | 42.2 | 7.6 | | This SQL injection vulnerability in the ResAds WordPress plugin allows attackers to execute arbitrar |
| 5592 | CVE-2024-35275 | 0.2% | 42.2 | 6.6 | | This SQL injection vulnerability in Fortinet FortiAnalyzer and FortiManager allows attackers to exec |
| 5593 | CVE-2025-0070 | 0.2% | 42.2 | 9.9 | | CVE-2025-0070 is an authentication bypass vulnerability in SAP NetWeaver Application Server for ABAP |
| 5594 | CVE-2024-13191 | 0.2% | 42.2 | 6.3 | | This vulnerability allows remote attackers to upload arbitrary files without restrictions in ZeroWdd |
| 5595 | CVE-2024-55008 | 0.2% | 42.1 | 7.5 | | JATOS 3.9.4 contains an authentication DoS vulnerability where attackers can lock any user account i |
| 5596 | CVE-2024-12279 | 0.2% | 42.1 | 6.1 | | The WP Social AutoConnect WordPress plugin has a Cross-Site Request Forgery vulnerability that allow |
| 5597 | CVE-2024-55078 | 0.2% | 42.2 | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary files to the WukongCRM syste |
| 5598 | CVE-2023-34399 | 0.2% | 42.2 | 9.8 | | This vulnerability in Mercedes-Benz NTG6 head units allows integer overflow in the Boost library whe |
| 5599 | CVE-2022-37660 | 0.2% | 42.2 | 6.5 | | CVE-2022-37660 is a cryptographic vulnerability in hostapd's PKEX implementation where the PKEX code |
| 5600 | CVE-2024-8984 | 0.2% | 42.2 | 7.5 | | This vulnerability allows unauthenticated attackers to cause a Denial of Service (DoS) by sending sp |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
