Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID          EPSS  Percentile  CVSS  Flags  Summary
5701  CVE-2025-3205   0.2%  41.7th      6.3   -      A critical SQL injection vulnerability in CodeAstro Student Grading System 1.0 allows remote attacke
5702  CVE-2025-3141   0.2%  41.7th      6.3   -      This critical SQL injection vulnerability in SourceCodester Online Medicine Ordering System 1.0 allo
5703  CVE-2025-3134   0.2%  41.7th      6.3   -      A critical SQL injection vulnerability in code-projects Payroll Management System 1.0 allows remote
5704  CVE-2025-3119   0.2%  41.7th      6.3   -      This is a critical SQL injection vulnerability in SourceCodester Online Tutor Portal 1.0 that allows
5705  CVE-2025-3118   0.2%  41.7th      6.3   -      CVE-2025-3118 is a critical SQL injection vulnerability in SourceCodester Online Tutor Portal 1.0 th
5706  CVE-2025-48075  0.2%  41.5th      7.5   -      A denial-of-service vulnerability in Go's Fiber web framework allows attackers to crash applications
5707  CVE-2025-29157  0.2%  41.6th      6.5   -      This vulnerability in petstore v1.0.7 allows remote attackers to execute arbitrary code by accessing
5708  CVE-2025-10542  0.2%  41.5th      9.8   -      iMonitor EAM 9.6394 ships with hardcoded default administrative credentials that are visible in the
5709  CVE-2025-62416  0.2%  41.5th      5.1   -      Bagisto v2.3.7 has a Server-Side Template Injection vulnerability in product description rendering t
5710  CVE-2025-9512   0.2%  41.5th      6.1   -      This vulnerability in the Schema & Structured Data for WP & AMP WordPress plugin allows unauthentica
5711  CVE-2025-69276  0.2%  41.5th      8.8   -      A deserialization vulnerability in Broadcom DX NetOps Spectrum allows attackers to inject malicious
5712  CVE-2025-67189  0.2%  41.7th      6.5   -      A buffer overflow vulnerability in TOTOLINK A950RG routers allows remote attackers to cause denial o
5713  CVE-2024-54530  0.2%  41.5th      9.1   -      This vulnerability allows password autofill to fill passwords even after authentication fails, poten
5714  CVE-2024-50953  0.2%  41.5th      7.5   -      This vulnerability in XINJE XL5E-16T programmable logic controllers allows attackers to send special
5715  CVE-2025-21323  0.2%  41.5th      5.5   -      This Windows kernel vulnerability allows attackers to read sensitive memory information from the ker
5716  CVE-2025-21320  0.2%  41.5th      5.5   -      This Windows kernel vulnerability allows attackers to read sensitive kernel memory information, pote
5717  CVE-2025-21318  0.2%  41.5th      5.5   -      This Windows kernel vulnerability allows attackers to read sensitive memory information from the ker
5718  CVE-2024-25371  0.2%  41.5th      7.5   -      This vulnerability in Gramine allows attackers to potentially bypass security boundaries by exploiti
5719  CVE-2025-27108  0.2%  41.5th      7.3   -      This vulnerability allows attackers to execute arbitrary JavaScript in victims' browsers through Cro
5720  CVE-2025-1340   0.2%  41.5th      8.8   -      A critical stack-based buffer overflow vulnerability in TOTOLINK X18 routers allows remote attackers
5721  CVE-2024-13749  0.2%  41.4th      6.1   -      The StaffList WordPress plugin up to version 3.2.3 has a CSRF vulnerability that allows unauthentica
5722  CVE-2024-57085  0.2%  41.5th      7.5   -      This CVE describes a prototype pollution vulnerability in the deepMerge function of @stryker-mutator
5723  CVE-2025-24095  0.2%  41.5th      7.6   -      This vulnerability allows applications to bypass privacy preferences on affected Apple operating sys
5724  CVE-2025-2252   0.2%  41.4th      5.3   -      The Easy Digital Downloads WordPress plugin exposes private download post titles to unauthenticated
5725  CVE-2024-8196   0.2%  41.4th      9.8   -      The Anything-LLM desktop application for Windows opens port 3001 on all network interfaces (0.0.0.0)
5726  CVE-2025-4477   0.2%  41.5th      7.2   -      CVE-2025-4477 is a privilege escalation vulnerability in TeamT5's ThreatSonar Anti-Ransomware softwa
5727  CVE-2024-6584   0.2%  41.5th      9.1   -      This vulnerability in WordPress allows administrators to make arbitrary GET requests to any URL thro
5728  CVE-2025-31493  0.2%  41.5th      9.1   -      This is a path traversal vulnerability in Kirby CMS that allows attackers to access and execute arbi
5729  CVE-2025-3460   0.2%  41.5th      7.7   -      The Quantenna Wi-Fi chipset's set_tx_pow script is vulnerable to command injection, allowing local a
5730  CVE-2025-45346  0.2%  41.5th      8.1   -      This SQL injection vulnerability in Bacula-web allows remote attackers to execute arbitrary SQL comm
5731  CVE-2025-52456  0.2%  41.5th      8.8   -      A memory corruption vulnerability in the SAIL Image Decoding Library's WebP animation decoder allows
5732  CVE-2025-10745  0.2%  41.5th      5.3   -      This vulnerability allows unauthenticated attackers to bypass the Banhammer WordPress plugin's traff
5733  CVE-2025-9216   0.2%  41.5th      8.8   -      The StoreEngine WordPress plugin up to version 1.5.0 has an arbitrary file upload vulnerability in i
5734  CVE-2025-60964  0.2%  41.4th      9.1   -      This CVE describes an OS command injection vulnerability in EndRun Technologies Sonoma D12 Network T
5735  CVE-2024-11976  0.2%  41.4th      7.3   -      This vulnerability in the BuddyPress WordPress plugin allows unauthenticated attackers to execute ar
5736  CVE-2024-35280  0.2%  41.5th      5.4   -      This vulnerability allows attackers to perform reflected cross-site scripting (XSS) attacks against
5737  CVE-2025-23212  0.2%  41.3th      7.7   -      CVE-2025-23212 is an information disclosure vulnerability in Tandoor Recipes that allows any user to
5738  CVE-2025-24143  0.2%  41.3th      6.5   -      This vulnerability allows malicious webpages to bypass file system access restrictions and fingerpri
5739  CVE-2025-21543  0.2%  41.3th      4.9   -      This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to ca
5740  CVE-2025-21505  0.2%  41.3th      4.9   -      This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to ca
5741  CVE-2025-21503  0.2%  41.3th      4.9   -      This vulnerability in MySQL Server's InnoDB component allows high-privileged attackers with network
5742  CVE-2025-21492  0.2%  41.3th      4.9   -      This vulnerability in MySQL Server's Optimizer component allows high-privileged attackers with netwo
5743  CVE-2025-24013  0.2%  41.4th      5.3   -      CodeIgniter versions before 4.5.8 lack proper validation for HTTP header names and values, allowing
5744  CVE-2024-57768  0.2%  41.3th      9.8   -      This SQL injection vulnerability in JFinalOA allows attackers to execute arbitrary SQL commands thro
5745  CVE-2025-0436   0.2%  41.3th      8.8   -      This integer overflow vulnerability in Chrome's Skia graphics engine allows remote attackers to trig
5746  CVE-2024-13253  0.2%  41.3th      9.1   -      This CVE describes an incorrect authorization vulnerability in Drupal's Advanced PWA inc Push Notifi
5747  CVE-2025-22386  0.2%  41.3th      7.3   -      This vulnerability allows session tokens from logged-out users to remain active and usable in Optimi
5748  CVE-2025-23193  0.2%  41.3th      5.3   -      CVE-2025-23193 is an information disclosure vulnerability in SAP NetWeaver Server ABAP that allows u
5749  CVE-2025-24899  0.2%  41.3th      7.5   -      This vulnerability in reNgine allows any authenticated user (including those with low-privilege role
5750  CVE-2019-25325  0.2%  41.3th      8.2   -      CVE-2019-25325 is an SQL injection vulnerability in Thrive Smart Home 1.1 that allows unauthenticate

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
