Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank  CVE ID          EPSS  Percentile  CVSS  Summary
5601  CVE-2024-12920  0.2%  42.2        8.8   This vulnerability in the FoodBakery WordPress theme allows authenticated users with Subscriber-leve
5602  CVE-2025-2035   0.2%  42.2        6.3   This critical vulnerability in s-a-zhd Ecommerce-Website-using-PHP 1.0 allows remote attackers to up
5603  CVE-2025-28018  0.2%  42.2        7.3   This CVE describes a buffer overflow vulnerability in TOTOLINK A800R routers through the downloadFil
5604  CVE-2025-28032  0.2%  42.2        7.3   This CVE describes a pre-authentication buffer overflow vulnerability in multiple TOTOLINK router mo
5605  CVE-2025-29722  0.2%  42.2        6.3   A Cross-Site Request Forgery (CSRF) vulnerability in Commercify v1.0 allows attackers to trick authe
5606  CVE-2025-32791  0.2%  42.2        4.3   This vulnerability in Backstage's permission plugin backend allows attackers to extract information
5607  CVE-2025-30473  0.2%  42.2        8.8   This SQL injection vulnerability in Apache Airflow Common SQL Provider allows authenticated UI users
5608  CVE-2025-4901   0.2%  42.1        4.3   This vulnerability in D-Link DI-7003GV2 routers allows attackers on the local network to access sens
5609  CVE-2025-43006  0.2%  42.2        6.1   CVE-2025-43006 is a Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management
5610  CVE-2025-6511   0.2%  42.2        8.8   A critical stack-based buffer overflow vulnerability in Netgear EX6150 firmware allows remote attack
5611  CVE-2025-6510   0.2%  42.2        8.8   A critical stack-based buffer overflow vulnerability in Netgear EX6100 firmware allows remote attack
5612  CVE-2025-7088   0.2%  42.2        8.8   A critical stack-based buffer overflow vulnerability in Belkin F9K1122 routers allows remote attacke
5613  CVE-2025-7086   0.2%  42.2        8.8   A critical stack-based buffer overflow vulnerability in Belkin F9K1122 routers allows remote attacke
5614  CVE-2025-44961  0.2%  42.1        9.9   This vulnerability allows authenticated users to execute arbitrary operating system commands by inje
5615  CVE-2023-35394  0.2%  42.2        4.6   This vulnerability allows attackers to inject malicious scripts into Azure HDInsight Jupyter Noteboo
5616  CVE-2025-11561  0.2%  42.2        8.8   This vulnerability allows attackers with permission to modify Active Directory attributes (like user
5617  CVE-2026-0771   0.2%  42.2        7.1   This vulnerability allows remote attackers to execute arbitrary Python code on Langflow installation
5618  CVE-2024-11936  0.2%  42.1        8.8   The Zox News WordPress theme has a vulnerability allowing authenticated users with Subscriber-level
5619  CVE-2025-21510  0.2%  42.1        7.5   This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to remo
5620  CVE-2024-41783  0.2%  42.1        9.1   This vulnerability in IBM Sterling Secure Proxy allows privileged users to execute arbitrary operati
5621  CVE-2025-1295   0.2%  42.1        8.8   The Templines Elementor Helper Core WordPress plugin allows authenticated attackers with Subscriber-
5622  CVE-2025-25054  0.2%  42.1        6.1   Movable Type contains a reflected cross-site scripting vulnerability in the user information edit pa
5623  CVE-2021-26105  0.2%  42.1        6.8   This CVE describes a stack-based buffer overflow vulnerability in FortiSandbox's profile parser that
5624  CVE-2025-21199  0.2%  42          6.7   This vulnerability in Azure Agent Installer allows authenticated attackers to escalate privileges on
5625  CVE-2025-39589  0.2%  42.1        4.3   This vulnerability in Essential Addons for Elementor WordPress plugin exposes sensitive system infor
5626  CVE-2024-13874  0.2%  42          7.1   The Feedify WordPress plugin before version 2.4.6 contains a reflected cross-site scripting (XSS) vu
5627  CVE-2025-30802  0.2%  42.1        4.3   The WordPress Our Team Members plugin versions up to 2.2 expose sensitive system information to unau
5628  CVE-2025-5215   0.2%  42.1        8.8   A critical stack-based buffer overflow vulnerability in D-Link DCS-5020L IP cameras allows remote at
5629  CVE-2024-57708  0.2%  42          5.7   This CVE describes a potential prototype pollution vulnerability in OneTrust SDK version 6.33.0 that
5630  CVE-2025-6110   0.2%  42.1        8.8   A critical stack-based buffer overflow vulnerability in Tenda FH1201 routers allows remote attackers
5631  CVE-2026-26216  0.2%  42.1        10.0  Crawl4AI versions before 0.8.0 contain an unauthenticated remote code execution vulnerability in the
5632  CVE-2025-50972  0.2%  42          9.8   CVE-2025-50972 is a critical SQL injection vulnerability in AbanteCart e-commerce software that allo
5633  CVE-2025-11008  0.2%  42.1        9.8   The CE21 Suite WordPress plugin exposes sensitive authentication credentials in log files, allowing
5634  CVE-2024-24443  0.2%  42          6.5   An uninitialized pointer dereference vulnerability in OpenAirInterface CN5G AMF allows attackers to
5635  CVE-2024-57677  0.2%  42          6.5   This vulnerability allows unauthenticated attackers to modify WAN service settings on D-Link DIR-816
5636  CVE-2024-51450  0.2%  42          9.1   CVE-2024-51450 is an OS command injection vulnerability in IBM Security Verify Directory that allows
5637  CVE-2025-20633  0.2%  42          8.8   This vulnerability in MediaTek wlan AP driver allows remote attackers within wireless range to execu
5638  CVE-2025-1233   0.2%  42          4.3   The Lafka WordPress theme plugin allows authenticated users with subscriber-level access or higher t
5639  CVE-2025-4918   0.2%  41.9        9.8   This vulnerability allows an attacker to perform out-of-bounds memory operations on JavaScript Promi
5640  CVE-2025-7094   0.2%  42          8.8   A critical stack-based buffer overflow vulnerability in Belkin F9K1122 routers allows remote attacke
5641  CVE-2025-35041  0.2%  42          7.5   Airship AI Acropolis has a vulnerability that allows unlimited MFA code attempts for 15 minutes afte
5642  CVE-2021-47846  0.2%  41.9        8.2   CVE-2021-47846 is a critical SQL injection vulnerability in Digital Crime Report Management System 1
5643  CVE-2025-58693  0.2%  42          6.5   This path traversal vulnerability in Fortinet FortiVoice allows privileged attackers to delete arbit
5644  CVE-2026-21638  0.2%  42          8.8   This vulnerability allows attackers within Wi-Fi range to execute arbitrary code on affected Ubiquit
5645  CVE-2024-46670  0.2%  41.8        7.5   An out-of-bounds read vulnerability in FortiOS IPsec IKE service allows unauthenticated remote attac
5646  CVE-2024-57633  0.2%  41.9        7.5   This vulnerability in MonetDB Server's exps_bind_column component allows attackers to execute crafte
5647  CVE-2024-56199  0.2%  41.9        5.2   This vulnerability allows attackers to inject malicious HTML content into the phpMyFAQ editor, disru
5648  CVE-2025-30895  0.2%  41.8        7.5   This path traversal vulnerability in the WpEvently WordPress plugin allows attackers to include arbi
5649  CVE-2022-49737  0.2%  41.9        7.7   This CVE describes a race condition vulnerability in X.Org X server where the main thread modifies d
5650  CVE-2025-26627  0.2%  41.9        7.0   This command injection vulnerability in Azure Arc allows authenticated attackers to execute arbitrar

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
