Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Summary
5651	CVE-2025-10947	0.06%	18th	5.3	This vulnerability allows remote attackers to bypass authorization in Sistemas Pleno Gestão de Loca
5652	CVE-2025-27024	0.06%	18th	6.5	This vulnerability allows remote authenticated users with Network Administrator privileges in Infine
5653	CVE-2025-10233	0.06%	18th	6.3	This path traversal vulnerability in kalcaddle kodbox 1.61 allows remote attackers to read or write
5654	CVE-2025-40603	0.06%	18th	4.5	A vulnerability in SonicWall SMA100 Series appliances may expose partial user credential data in log
5655	CVE-2025-46583	0.06%	18th	5.3	A Denial of Service vulnerability exists in ZTE MC889A Pro devices due to insufficient input validat
5656	CVE-2025-10637	0.06%	18th	5.3	The Social Feed Gallery WordPress plugin versions ≤4.9.2 have an authorization bypass vulnerabilit
5657	CVE-2025-11905	0.06%	18.1th	6.3	This vulnerability allows remote attackers to execute arbitrary code through code injection in the g
5658	CVE-2025-25298	0.06%	18th	5.3	Strapi versions before 5.10.3 do not enforce a maximum password length when using bcryptjs for passw
5659	CVE-2025-62359	0.06%	18.2th	6.1	A reflected cross-site scripting (XSS) vulnerability in WeGIA versions before 3.5.0 allows attackers
5660	CVE-2025-62242	0.06%	17.8th	4.3	This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal and DX
5661	CVE-2025-62241	0.06%	17.8th	4.3	This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in Liferay DXP that allo
5662	CVE-2025-64049	0.06%	18.1th	4.8	A stored cross-site scripting (XSS) vulnerability in REDAXO CMS 5.20.0 allows remote authenticated u
5663	CVE-2025-56423	0.06%	18.1th	5.3	This vulnerability in OpenAtlas v8.12.0 allows remote attackers to enumerate valid usernames through
5664	CVE-2025-37156	0.06%	17.9th	6.8	This CVE describes a platform-level denial-of-service vulnerability in ArubaOS-CX software where an
5665	CVE-2025-7704	0.06%	17.9th	5.4	This vulnerability allows attackers to execute arbitrary code on Supermicro BMC systems by exploitin
5666	CVE-2025-62209	0.06%	18.2th	5.5	Windows License Manager logs sensitive information to local files, allowing authenticated local user
5667	CVE-2025-62208	0.06%	18.2th	5.5	Windows License Manager logs sensitive information to local files, allowing authenticated local atta
5668	CVE-2025-59509	0.06%	18.2th	5.5	This vulnerability in Windows Speech allows an authorized attacker to extract sensitive information
5669	CVE-2025-64436	0.06%	18th	5.3	This vulnerability in KubeVirt allows attackers with access to the virt-handler service account to f
5670	CVE-2025-20376	0.06%	18.1th	6.5	This vulnerability allows authenticated administrators in Cisco Unified CCX to upload and execute ar
5671	CVE-2025-46556	0.06%	18.1th	6.5	Mantis Bug Tracker versions 2.27.1 and below are vulnerable to a denial-of-service attack where atta
5672	CVE-2025-62329	0.06%	18th	5.0	HCL DevOps Deploy/Launch has a race condition in HTTP session IP binding that may allow brief sessio
5673	CVE-2025-67490	0.06%	17.9th	5.4	The Auth0 Next.js SDK vulnerability allows simultaneous requests from the same client to cause impro
5674	CVE-2025-67637	0.06%	18.1th	4.3	Jenkins versions 2.540 and earlier (including LTS 2.528.2 and earlier) store build authorization tok
5675	CVE-2025-13677	0.06%	18.1th	4.9	The Simple Download Counter WordPress plugin has a path traversal vulnerability that allows authenti
5676	CVE-2025-62631	0.06%	18th	5.6	This CVE describes an insufficient session expiration vulnerability in Fortinet FortiOS where active
5677	CVE-2025-14085	0.06%	18.1th	6.3	This vulnerability in youlaitech youlai-mall allows remote attackers to manipulate the orderId param
5678	CVE-2025-65097	0.06%	17.8th	6.5	This vulnerability allows authenticated users in RomM (ROM Manager) to delete collections belonging
5679	CVE-2025-65096	0.06%	17.8th	4.3	This vulnerability in RomM (ROM Manager) allows authenticated users to access private game collectio
5680	CVE-2021-47899	0.06%	17.9th	4.0	This vulnerability in YetiShare File Hosting Script allows attackers to perform server-side request
5681	CVE-2025-36066	0.06%	18.1th	6.1	This CVE describes a cross-site scripting (XSS) vulnerability in IBM Sterling Connect:Express Adapte
5682	CVE-2026-2008	0.06%	18th	6.3	This CVE describes a code injection vulnerability in the abhiphile fermat-mcp project's eqn_chart fu
5683	CVE-2025-69267	0.06%	18.2th	6.5	This path traversal vulnerability in Broadcom DX NetOps Spectrum allows attackers to access files ou
5684	CVE-2026-22691	0.06%	18th	5.3	This vulnerability in pypdf allows attackers to craft malicious PDF files that cause excessive proce
5685	CVE-2026-22690	0.06%	18th	5.3	This vulnerability in pypdf allows attackers to craft malicious PDF files that cause excessive proce
5686	CVE-2025-15495	0.06%	18th	4.7	This vulnerability in BiggiDroid Simple PHP CMS 1.0 allows attackers to upload arbitrary files via t
5687	CVE-2025-15449	0.06%	18.1th	5.4	This CVE describes a path traversal vulnerability in JavaMall's MinioController delete function that
5688	CVE-2025-23362	0.06%	17.8th	6.1	EXIF Viewer Classic versions 2.3.2 and 2.4.0 contain a cross-site scripting vulnerability that allow
5689	CVE-2023-50945	0.06%	17.7th	6.2	IBM Common Licensing 9.0 stores user credentials in plain text, allowing local users to read sensiti
5690	CVE-2024-57913	0.06%	17.7th	4.7	A race condition vulnerability in the Linux kernel's USB gadget subsystem can cause kernel panic whe
5691	CVE-2025-20123	0.06%	17.5th	4.8	This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Cisco Crosswork Network Co
5692	CVE-2024-56413	0.06%	17.6th	6.1	CVE-2024-56413 is an improper session management vulnerability in Acronis Cyber Protect 16 for Windo
5693	CVE-2025-25730	0.06%	17.5th	4.6	This vulnerability allows physically proximate attackers to bypass USB debugging authorization on Mo
5694	CVE-2024-58010	0.06%	17.6th	5.5	This CVE describes an integer overflow vulnerability in the Linux kernel's binfmt_flat binary format
5695	CVE-2025-20116	0.06%	17.5th	4.8	This stored XSS vulnerability in Cisco APIC's web UI allows authenticated administrators to inject m
5696	CVE-2025-1369	0.06%	17.5th	4.5	This critical vulnerability in MicroWord eScan Antivirus 7.0.32 on Linux allows local attackers to e
5697	CVE-2025-26408	0.06%	17.5th	6.1	Wattsense Bridge devices have an unprotected JTAG interface that allows physical attackers to gain f
5698	CVE-2024-43187	0.06%	17.6th	5.9	IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 transmit sensitive
5699	CVE-2025-30623	0.06%	17.7th	5.9	This stored cross-site scripting (XSS) vulnerability in the wA11y WordPress plugin allows attackers
5700	CVE-2025-30599	0.06%	17.7th	5.9	This stored cross-site scripting (XSS) vulnerability in the WP Parallax Content Slider WordPress plu

← Previous Page 114 of 331 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free