Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 5751 | CVE-2025-6098 | | 41.4th | 9.8 | | This critical vulnerability in UTT 进取 750W devices allows remote attackers to execute arbitrary |
| 5752 | CVE-2025-54493 | | 41.4th | 9.8 | | A critical stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary co |
| 5753 | CVE-2025-54491 | | 41.4th | 9.8 | | A critical stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary co |
| 5754 | CVE-2025-54489 | | 41.4th | 9.8 | | A stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary code execut |
| 5755 | CVE-2025-54487 | | 41.4th | 9.8 | | A critical stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary co |
| 5756 | CVE-2025-54485 | | 41.4th | 9.8 | | A critical stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary co |
| 5757 | CVE-2025-54483 | | 41.4th | 9.8 | | A critical stack-based buffer overflow vulnerability in libbiosig's MFER file parser allows arbitrar |
| 5758 | CVE-2025-54481 | | 41.4th | 9.8 | | A stack-based buffer overflow vulnerability in libbiosig's MFER parsing allows arbitrary code execut |
| 5759 | CVE-2025-54462 | | 41.4th | 9.8 | | A heap-based buffer overflow vulnerability in libbiosig's Nex file parser allows arbitrary code exec |
| 5760 | CVE-2025-53853 | | 41.4th | 9.8 | | A heap-based buffer overflow vulnerability in libbiosig's ISHNE parsing allows arbitrary code execut |
| 5761 | CVE-2025-48005 | | 41.4th | 9.8 | | A heap-based buffer overflow vulnerability in libbiosig's RHS2000 file parser allows arbitrary code |
| 5762 | CVE-2025-53716 | | 41.3th | 6.5 | | A null pointer dereference vulnerability in Windows LSASS allows authenticated attackers to cause a |
| 5763 | CVE-2025-56074 | | 41.4th | 9.8 | | A SQL injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote atta |
| 5764 | CVE-2025-62162 | | 41.3th | 7.5 | | A vulnerability in cel-rust allows attackers to cause denial of service by sending specially crafted |
| 5765 | CVE-2025-66255 | | 41.3th | 9.8 | | This vulnerability allows unauthenticated attackers to upload malicious firmware files to Mozart FM |
| 5766 | CVE-2025-43401 | | 41.3th | 7.5 | | This CVE describes a denial-of-service vulnerability in macOS that was addressed through improved in |
| 5767 | CVE-2024-27708 | | 41.4th | 9.6 | | This CVE describes an iframe injection vulnerability in MyNET v.26.06 and earlier that allows remote |
| 5768 | CVE-2024-58277 | | 41.3th | N/A | | This vulnerability in R Radio Network FM Transmitter 1.07 allows unauthenticated attackers to retrie |
| 5769 | CVE-2025-23028 | | 41.2th | 5.3 | | A denial of service vulnerability in Cilium allows attackers to crash Cilium agents by sending craft |
| 5770 | CVE-2024-11271 | | 41.2th | 8.8 | | The WordPress WebinarPress plugin has a missing capability check vulnerability that allows authentic |
| 5771 | CVE-2024-57378 | | 41.3th | 7.3 | | CVE-2024-57378 is a broken access control vulnerability in Wazuh SIEM 4.8.2 that allows unauthorized |
| 5772 | CVE-2025-0556 | | 41.2th | 8.8 | | This vulnerability allows local network attackers to intercept unencrypted communication between Tel |
| 5773 | CVE-2025-2952 | | 41.3th | 6.3 | | CVE-2025-2952 is a critical unrestricted file upload vulnerability in Bluestar Micro Mall 1.0 that a |
| 5774 | CVE-2024-11638 | | 41.3th | 8.8 | | The Gtbabel WordPress plugin before version 6.6.9 contains a server-side request forgery (SSRF) vuln |
| 5775 | CVE-2025-1309 | | 41.3th | 8.8 | | The UiPress Lite WordPress plugin has a privilege escalation vulnerability that allows authenticated |
| 5776 | CVE-2025-24949 | | 41.2th | 6.5 | | CVE-2025-24949 is an authentication bypass vulnerability in JotUrl 2.0 that allows attackers to chan |
| 5777 | CVE-2025-22277 | | 41.3th | 8.8 | | This CVE describes an authentication bypass vulnerability in the Vitepos WordPress plugin that allow |
| 5778 | CVE-2025-3909 | | 41.3th | 8.1 | | This vulnerability in Thunderbird allows attackers to execute JavaScript in the file:/// context by |
| 5779 | CVE-2025-4453 | | 41.3th | 6.3 | | This CVE describes a critical command injection vulnerability in D-Link DIR-619L routers. Attackers |
| 5780 | CVE-2025-4445 | | 41.3th | 6.3 | | This critical vulnerability in D-Link DIR-605L routers allows remote attackers to execute arbitrary |
| 5781 | CVE-2025-46565 | | 41.3th | 5.3 | | This vulnerability in Vite allows attackers to bypass file access restrictions and read sensitive fi |
| 5782 | CVE-2025-53104 | | 41.2th | 9.1 | | A command injection vulnerability in gluestack-ui's GitHub Actions workflow allowed attackers to exe |
| 5783 | CVE-2025-11661 | | 41.3th | 7.3 | | CVE-2025-11661 is an authentication bypass vulnerability in ProjectsAndPrograms School Management Sy |
| 5784 | CVE-2025-63220 | | 41.2th | 7.2 | | The Sound4 FIRST web-based management interface has a critical vulnerability that allows remote code |
| 5785 | CVE-2025-64129 | | 41.2th | 7.6 | | Zenitel TCIV-3+ devices contain an out-of-bounds write vulnerability that allows remote attackers to |
| 5786 | CVE-2025-63215 | | 41.2th | 7.2 | | The Sound4 IMPACT web management interface has a critical vulnerability allowing remote code executi |
| 5787 | CVE-2025-64076 | | 41.2th | 7.5 | | Two vulnerabilities in cbor2's C extension allow remote attackers to cause denial of service through |
| 5788 | CVE-2021-47785 | | 41.3th | 9.8 | | Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field th |
| 5789 | CVE-2025-65287 | | 41.3th | 4.3 | | An unauthenticated directory traversal vulnerability in SNMP Web Pro 1.1 allows remote attackers to |
| 5790 | CVE-2026-2063 | | 41.3th | 4.7 | | This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers. Attackers can e |
| 5791 | CVE-2025-34171 | | 41.2th | 5.3 | | CasaOS versions up to 0.4.15 expose unauthenticated endpoints that allow remote attackers to retriev |
| 5792 | CVE-2025-67187 | | 41.3th | 9.8 | | A stack-based buffer overflow vulnerability in TOTOLINK A950RG routers allows remote attackers to ex |
| 5793 | CVE-2026-24729 | | 41.3th | N/A | | This vulnerability allows remote attackers to upload malicious class files to Interinfo DreamMaker s |
| 5794 | CVE-2025-48782 | | 41.3th | 9.8 | | This vulnerability allows remote attackers to upload malicious files to the Soar Cloud HRD Human Res |
| 5795 | CVE-2024-45653 | | 41.2th | 4.3 | | IBM Sterling Connect:Direct Web Services versions 6.0-6.3 expose sensitive IP address information to |
| 5796 | CVE-2024-12398 | | 41.1th | 8.8 | | An authenticated user with limited privileges can escalate to administrator level on affected Zyxel |
| 5797 | CVE-2024-13210 | | 41.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the donglight bookstore e-co |
| 5798 | CVE-2024-13201 | | 41.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files without restrictions in the Spr |
| 5799 | CVE-2024-36047 | | 41.1th | 9.8 | | Infoblox NIOS has an improper input validation vulnerability that could allow attackers to execute a |
| 5800 | CVE-2025-21188 | | 41.1th | 6.0 | | This vulnerability in Azure Network Watcher VM Extension allows authenticated users with VM-level ac |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: thousands of CVEs are published every month, and not all of them are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited instead of patching solely by CVSS score. A CVSS 9.8 (critical) vulnerability with an EPSS of 0.1% may be less urgent than a CVSS 7.5 (high) vulnerability with an EPSS of 90%.