Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 5701 | CVE-2025-30597 | | 17.6th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the iografica IG Shortcodes WordPress plu |
| 5702 | CVE-2025-30593 | | 17.6th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Include URL plugin allows atta |
| 5703 | CVE-2024-10481 | | 17.5th | 6.5 | | A Cross-Site Request Forgery (CSRF) vulnerability in ComfyUI versions up to v0.2.2 allows attackers |
| 5704 | CVE-2025-2350 | | 17.6th | 6.3 | | This critical vulnerability in IROAD Dash Cam FX2 allows unauthenticated attackers on the local netw |
| 5705 | CVE-2024-51960 | | 17.5th | 4.8 | | A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenti |
| 5706 | CVE-2024-51956 | | 17.5th | 4.8 | | A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenti |
| 5707 | CVE-2024-51952 | | 17.5th | 4.8 | | A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows au |
| 5708 | CVE-2024-51950 | | 17.5th | 4.8 | | A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows au |
| 5709 | CVE-2024-51948 | | 17.5th | 4.8 | | A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenti |
| 5710 | CVE-2024-51946 | | 17.5th | 4.8 | | This stored XSS vulnerability in ArcGIS Server allows authenticated attackers with publisher privile |
| 5711 | CVE-2024-51944 | | 17.5th | 4.8 | | A stored cross-site scripting (XSS) vulnerability in ArcGIS Server versions 11.3 and below allows au |
| 5712 | CVE-2024-10904 | | 17.5th | 4.8 | | A stored cross-site scripting vulnerability in ArcGIS Server versions 11.3 and below allows authenti |
| 5713 | CVE-2025-1284 | | 17.5th | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to vi |
| 5714 | CVE-2025-5235 | | 17.7th | 6.4 | | The OpenSheetMusicDisplay WordPress plugin has a stored XSS vulnerability in all versions up to 1.4. |
| 5715 | CVE-2025-4493 | | 17.6th | 6.5 | | This vulnerability allows a PAM (Privileged Access Management) user in Devolutions Server to perform |
| 5716 | CVE-2025-5207 | | 17.5th | 4.7 | | This critical SQL injection vulnerability in SourceCodester Client Database Management System 1.0 al |
| 5717 | CVE-2025-48119 | | 17.6th | 5.3 | | This vulnerability in the RS WP Book Showcase WordPress plugin allows attackers to execute arbitrary |
| 5718 | CVE-2025-47562 | | 17.6th | 5.3 | | This CVE describes a code injection vulnerability in the MapSVG WordPress plugin that allows attacke |
| 5719 | CVE-2025-46745 | | 17.6th | 6.5 | | An authenticated user without proper permissions can view other users' account information in affect |
| 5720 | CVE-2025-44023 | | 17.6th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary commands on affected D-Link network- |
| 5721 | CVE-2023-47310 | | 17.7th | 6.5 | | A default configuration vulnerability in MikroTik RouterOS 7 allows incoming IPv6 UDP traceroute pac |
| 5722 | CVE-2025-40910 | | 17.7th | 6.5 | | This vulnerability in Net::IP::LPM Perl module allows attackers to bypass IP-based access controls b |
| 5723 | CVE-2025-45960 | | 17.8th | 6.1 | | This Cross-Site Scripting (XSS) vulnerability in tawk.to Live Chat v1.6.1 allows attackers to inject |
| 5724 | CVE-2025-8009 | | 17.7th | 4.9 | | The Security Ninja WordPress plugin contains an arbitrary file read vulnerability in all versions up |
| 5725 | CVE-2025-7879 | | 17.8th | 6.3 | | This vulnerability allows remote attackers to upload arbitrary files to Metasoft MetaCRM systems via |
| 5726 | CVE-2025-7877 | | 17.8th | 6.3 | | This critical vulnerability in Metasoft MetaCRM allows remote attackers to upload arbitrary files vi |
| 5727 | CVE-2025-53604 | | 17.6th | 4.0 | | The web-push crate for Rust before version 0.10.3 is vulnerable to denial of service through memory |
| 5728 | CVE-2025-49482 | | 17.6th | 5.4 | | This CVE describes an improper resource shutdown vulnerability in ASR180x and ASR190x TR069 modules |
| 5729 | CVE-2025-49491 | | 17.6th | 5.4 | | This CVE describes an improper resource shutdown vulnerability in ASR's traffic_stat modules on Linu |
| 5730 | CVE-2025-49489 | | 17.6th | 5.4 | | This CVE describes an improper resource shutdown vulnerability in ASR Falcon_Linux, Kestrel, and Lap |
| 5731 | CVE-2025-52460 | | 17.7th | 5.3 | | This vulnerability allows remote unauthenticated attackers to access uploaded files and SS1 configur |
| 5732 | CVE-2025-9181 | | 17.5th | 6.5 | | This vulnerability involves uninitialized memory in the JavaScript Engine component of Mozilla produ |
| 5733 | CVE-2025-48394 | | 17.7th | 4.7 | | This vulnerability allows authenticated privileged users to modify non-sensitive files through path |
| 5734 | CVE-2025-23335 | | 17.6th | 4.4 | | NVIDIA Triton Inference Server contains an integer underflow vulnerability in its TensorRT backend t |
| 5735 | CVE-2025-54097 | | 17.6th | 6.5 | | An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unaut |
| 5736 | CVE-2025-54096 | | 17.6th | 6.5 | | An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unaut |
| 5737 | CVE-2025-54095 | | 17.6th | 6.5 | | An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unaut |
| 5738 | CVE-2025-53798 | | 17.6th | 6.5 | | A buffer over-read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthor |
| 5739 | CVE-2025-53797 | | 17.6th | 6.5 | | A buffer over-read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthor |
| 5740 | CVE-2025-53796 | | 17.6th | 6.5 | | A buffer over-read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthor |
| 5741 | CVE-2025-58600 | | 17.7th | 5.3 | | This CVE describes a missing authorization vulnerability in the Paid Member Subscriptions WordPress |
| 5742 | CVE-2025-63563 | | 17.6th | 6.5 | | This vulnerability allows attackers with stolen session tokens to maintain access to user accounts e |
| 5743 | CVE-2025-12521 | | 17.7th | 5.3 | | The Analytify Pro WordPress plugin exposes usernames in HTML source code to unauthenticated visitors |
| 5744 | CVE-2025-60898 | | 17.8th | 5.8 | | An unauthenticated SSRF vulnerability in Halo CMS 2.21 allows attackers to make the server send HTTP |
| 5745 | CVE-2025-11760 | | 17.8th | 5.3 | | The eRoom WordPress plugin exposes Zoom SDK secret keys in client-side JavaScript, allowing unauthen |
| 5746 | CVE-2025-60131 | | 17.6th | 5.5 | | This stored cross-site scripting (XSS) vulnerability in the Werk aan de Muur WordPress plugin allows |
| 5747 | CVE-2025-54973 | | 17.8th | 5.3 | | A race condition vulnerability in Fortinet FortiAnalyzer allows attackers to bypass FortiCloud SSO a |
| 5748 | CVE-2025-11597 | | 17.6th | 6.3 | | This SQL injection vulnerability in code-projects E-Commerce Website 1.0 allows attackers to manipul |
| 5749 | CVE-2025-52961 | | 17.6th | 6.5 | | An unauthenticated adjacent attacker can cause denial-of-service on affected Juniper PTX devices by |
| 5750 | CVE-2025-11511 | | 17.6th | 6.3 | | This SQL injection vulnerability in code-projects E-Commerce Website 1.0 allows attackers to manipul |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation — making it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.