Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA Known Exploited Vulnerabilities (KEV) catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated) |
|------|--------|------------|------------|------|-------|---------------------|
| 5651 | CVE-2025-24910 | 0.2% | 41.9th | 4.9 | | This vulnerability allows attackers to perform XML External Entity (XXE) attacks against Hitachi Van |
| 5652 | CVE-2025-32585 | 0.2% | 41.8th | 7.5 | | This CVE describes a path traversal vulnerability in the Trusty Plugins Shop Products Filter WordPre |
| 5653 | CVE-2025-32373 | 0.2% | 41.9th | 6.5 | | CVE-2025-32373 is an authorization bypass vulnerability in DNN CMS where registered users can craft |
| 5654 | CVE-2025-31833 | 0.2% | 41.8th | 4.9 | | This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the JobBoard Job List |
| 5655 | CVE-2025-4557 | 0.2% | 41.9th | 9.1 | | The ZONG YU Parking Management System has missing authentication on specific APIs, allowing unauthen |
| 5656 | CVE-2025-49131 | 0.2% | 41.9th | 6.3 | | CVE-2025-49131 is a sandbox escape vulnerability in FastGPT's sandbox container that allows attacker |
| 5657 | CVE-2025-5862 | 0.2% | 41.8th | 8.8 | | A critical buffer overflow vulnerability in Tenda AC7 routers allows remote attackers to execute arb |
| 5658 | CVE-2025-54317 | 0.2% | 41.8th | 8.4 | | A path traversal vulnerability in Logpoint versions before 7.6.0 allows authenticated attackers with |
| 5659 | CVE-2025-53733 | 0.2% | 41.8th | 8.4 | | A type conversion vulnerability in Microsoft Office Word allows attackers to execute arbitrary code |
| 5660 | CVE-2025-12235 | 0.2% | 41.9th | 8.0 | | A buffer overflow vulnerability in Tenda CH22 router firmware version 1.0.0.1 allows attackers on th |
| 5661 | CVE-2025-11338 | 0.2% | 41.9th | 8.8 | | A buffer overflow vulnerability in D-Link DI-7100G C1 routers allows remote attackers to execute arb |
| 5662 | CVE-2025-12002 | 0.2% | 41.9th | 5.9 | | The Feeds for YouTube Pro WordPress plugin has an arbitrary file read vulnerability that allows unau |
| 5663 | CVE-2026-1498 | 0.2% | 41.9th | N/A | | An LDAP injection vulnerability in WatchGuard Fireware OS allows remote attackers to retrieve sensit |
| 5664 | CVE-2025-0147 | 0.2% | 41.8th | 8.8 | | A type confusion vulnerability in Zoom Workplace App for Linux allows authenticated users to escalat |
| 5665 | CVE-2024-32555 | 0.2% | 41.7th | 9.8 | | This vulnerability allows attackers to escalate privileges in the Easy Real Estate WordPress plugin |
| 5666 | CVE-2024-48126 | 0.2% | 41.7th | 9.8 | | The HI-SCAN 6040i Hitrax HX-03-19-I security scanner contains hardcoded credentials that provide ven |
| 5667 | CVE-2023-45633 | 0.2% | 41.8th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the IDX IMPress Listings WordPress plugi |
| 5668 | CVE-2023-46610 | 0.2% | 41.7th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the Quill Forms WordPress plugin that al |
| 5669 | CVE-2025-22289 | 0.2% | 41.7th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WordPress plugin 'LTL Freight Quotes |
| 5670 | CVE-2025-25167 | 0.2% | 41.7th | 8.2 | | This CVE describes a missing authorization vulnerability in the BookPress WordPress plugin that allo |
| 5671 | CVE-2024-51547 | 0.2% | 41.7th | 9.8 | | This CVE describes a use of hard-coded credentials vulnerability in multiple ABB industrial control |
| 5672 | CVE-2025-2135 | 0.2% | 41.8th | 8.8 | | This is a type confusion vulnerability in Chrome's V8 JavaScript engine that could allow an attacker |
| 5673 | CVE-2025-27270 | 0.2% | 41.7th | 9.8 | | This CVE describes a missing authorization vulnerability in the WordPress Residential Address Detect |
| 5674 | CVE-2025-30308 | 0.2% | 41.7th | 5.5 | | XMP Toolkit versions 2023.12 and earlier contain an out-of-bounds read vulnerability that could allo |
| 5675 | CVE-2025-30306 | 0.2% | 41.7th | 5.5 | | XMP Toolkit versions 2023.12 and earlier contain an out-of-bounds read vulnerability that could allo |
| 5676 | CVE-2024-12827 | 0.2% | 41.8th | 9.8 | | This vulnerability allows unauthenticated attackers to reset passwords for any user account in the D |
| 5677 | CVE-2025-41679 | 0.2% | 41.8th | 5.3 | | An unauthenticated remote attacker can exploit a buffer overflow vulnerability in the Conftool netwo |
| 5678 | CVE-2025-12705 | 0.2% | 41.8th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages |
| 5679 | CVE-2025-51683 | 0.2% | 41.7th | 9.8 | | An unauthenticated blind SQL injection vulnerability in mJobtime v15.7.2 allows attackers to execute |
| 5680 | CVE-2025-56425 | 0.2% | 41.7th | 9.1 | | This vulnerability allows authenticated remote attackers to inject arbitrary SMTP commands via craft |
| 5681 | CVE-2025-24671 | 0.2% | 41.7th | 9.8 | | This CVE describes a PHP object injection vulnerability in the Pdfcrowd Save as PDF WordPress plugin |
| 5682 | CVE-2025-24601 | 0.2% | 41.7th | 9.8 | | This vulnerability allows attackers to execute arbitrary code on WordPress sites running the vulnera |
| 5683 | CVE-2024-50694 | 0.2% | 41.5th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on SunGrow WiNet-SV200 devices |
| 5684 | CVE-2025-23914 | 0.2% | 41.7th | 9.8 | | This vulnerability allows attackers to execute arbitrary code through PHP object injection by exploi |
| 5685 | CVE-2025-0104 | 0.2% | 41.5th | 6.1 | | A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition allows attacke |
| 5686 | CVE-2024-13110 | 0.2% | 41.7th | 4.3 | | This vulnerability in Beijing Yunfan Internet Technology's Yunfan Learning Examination System 1.9.2 |
| 5687 | CVE-2025-26900 | 0.2% | 41.7th | 9.8 | | This vulnerability allows attackers to inject malicious objects through deserialization of untrusted |
| 5688 | CVE-2025-3038 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Payroll Management System 1.0 allows remote attackers t |
| 5689 | CVE-2025-31694 | 0.2% | 41.6th | 8.1 | | This vulnerability in Drupal's Two-factor Authentication (TFA) module allows attackers to bypass 2FA |
| 5690 | CVE-2025-2984 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Payroll Management System 1.0 allows attackers to manip |
| 5691 | CVE-2025-2854 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability exists in code-projects Payroll Management System 1.0 through |
| 5692 | CVE-2025-27147 | 0.2% | 41.6th | 8.2 | | CVE-2025-27147 is an improper access control vulnerability in the GLPI Inventory Plugin that allows |
| 5693 | CVE-2024-40590 | 0.2% | 41.6th | 4.8 | | This vulnerability allows man-in-the-middle attackers to intercept and tamper with encrypted communi |
| 5694 | CVE-2025-27816 | 0.2% | 41.7th | 9.8 | | This vulnerability allows remote code execution on Arctera InfoScale servers through insecure deseri |
| 5695 | CVE-2025-46557 | 0.2% | 41.6th | 9.8 | | This vulnerability allows any user with access to XWiki pages to switch authentication methods, pote |
| 5696 | CVE-2025-3685 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability exists in code-projects Patient Record Management System 1.0. |
| 5697 | CVE-2025-3348 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in code-projects Patient Record Management System 1.0 allows |
| 5698 | CVE-2025-3347 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in code-projects Patient Record Management System 1.0 allows |
| 5699 | CVE-2025-3235 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in PHPGurukul Old Age Home Management System 1.0 allows re |
| 5700 | CVE-2025-3209 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Patient Record Management System 1.0 allows remote atta |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
