Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA Known Exploited Vulnerabilities (KEV) catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Summaries are truncated as they appear on the page; the Flags column is empty for every entry shown.

| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 5901 | CVE-2026-21511 | 0.19% | 40.5th | 7.5 | | This vulnerability allows attackers to spoof identities or data in Microsoft Office Outlook by explo |
| 5902 | CVE-2025-12273 | 0.19% | 40.6th | 8.8 | | CVE-2025-12273 is a buffer overflow vulnerability in Tenda CH22 routers affecting version 1.0.0.1. A |
| 5903 | CVE-2025-52862 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5904 | CVE-2025-52859 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5905 | CVE-2025-52857 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5906 | CVE-2025-52854 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5907 | CVE-2025-52853 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5908 | CVE-2025-52432 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5909 | CVE-2025-52428 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5910 | CVE-2025-52424 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5911 | CVE-2025-48729 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5912 | CVE-2025-48727 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5913 | CVE-2025-47214 | 0.19% | 40.6th | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 5914 | CVE-2025-40645 | 0.19% | 40.6th | N/A | | This vulnerability allows unauthenticated attackers to retrieve sensitive customer information from |
| 5915 | CVE-2025-12923 | 0.19% | 40.6th | 2.7 | | This vulnerability in ChestnutCMS allows attackers to perform path traversal attacks via the resourc |
| 5916 | CVE-2025-13007 | 0.19% | 40.6th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress sites |
| 5917 | CVE-2024-48849 | 0.19% | 40.4th | 9.4 | | This vulnerability allows attackers to bypass WebSocket origin validation in FLXEON systems, enablin |
| 5918 | CVE-2024-12142 | 0.19% | 40.4th | 8.6 | | This CVE describes an information exposure vulnerability in Schneider Electric products where unauth |
| 5919 | CVE-2025-21288 | 0.19% | 40.5th | 6.5 | | This vulnerability in Windows COM Server allows attackers to read sensitive information from memory |
| 5920 | CVE-2025-21272 | 0.19% | 40.5th | 6.5 | | This vulnerability in Windows COM Server allows attackers to read sensitive information from memory |
| 5921 | CVE-2023-47557 | 0.19% | 40.4th | 4.3 | | This CVE describes a missing authorization vulnerability in the WordPress Visitors Traffic Real Time |
| 5922 | CVE-2024-2297 | 0.19% | 40.4th | 7.1 | | The Bricks WordPress theme has a privilege escalation vulnerability that allows authenticated attack |
| 5923 | CVE-2025-31676 | 0.19% | 40.4th | 8.8 | | A weak authentication vulnerability in Drupal's Email TFA module allows attackers to brute force two |
| 5924 | CVE-2025-29993 | 0.19% | 40.4th | 5.3 | | PowerCMS versions before 6.6.1, 5.2.8, and 4.5.9 contain an HTTP header injection vulnerability (CWE |
| 5925 | CVE-2024-51322 | 0.19% | 40.5th | 5.4 | | This Cross-Site Scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows authenticated |
| 5926 | CVE-2024-51320 | 0.19% | 40.5th | 5.4 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 2.4 that |
| 5927 | CVE-2025-3829 | 0.19% | 40.4th | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Men Salon Management System 1.0 allows attac |
| 5928 | CVE-2025-25234 | 0.19% | 40.4th | 7.1 | | Omnissa UAG contains a CORS bypass vulnerability that allows attackers with network access to circum |
| 5929 | CVE-2025-27939 | 0.19% | 40.5th | 7.5 | | This vulnerability allows attackers to change registered email addresses of other users, enabling ac |
| 5930 | CVE-2025-3569 | 0.19% | 40.4th | 6.3 | | This critical vulnerability in JamesZBL/code-projects db-hospital-drug 1.0 allows remote attackers t |
| 5931 | CVE-2025-30644 | 0.19% | 40.5th | 7.5 | | A heap-based buffer overflow vulnerability in Juniper Networks Junos OS flexible PIC concentrator (F |
| 5932 | CVE-2025-3412 | 0.19% | 40.4th | 6.3 | | This critical vulnerability in mymagicpower AIAS allows attackers to perform Server-Side Request For |
| 5933 | CVE-2025-5893 | 0.19% | 40.5th | 9.8 | | Smart Parking Management System from Honding Technology exposes plaintext administrator credentials |
| 5934 | CVE-2025-57266 | 0.19% | 40.4th | 9.8 | | This vulnerability allows unauthenticated attackers to access sensitive information like API keys th |
| 5935 | CVE-2025-9054 | 0.19% | 40.4th | 9.8 | | This vulnerability allows unauthenticated attackers to modify WordPress site options via the MultiLo |
| 5936 | CVE-2025-5948 | 0.19% | 40.4th | 9.8 | | The Service Finder Bookings WordPress plugin has an authentication bypass vulnerability that allows |
| 5937 | CVE-2025-10049 | 0.19% | 40.5th | 7.2 | | This vulnerability allows authenticated attackers with Administrator-level access or higher to uploa |
| 5938 | CVE-2025-10001 | 0.19% | 40.5th | 7.2 | | This vulnerability allows authenticated attackers with Administrator-level access to upload arbitrar |
| 5939 | CVE-2025-12275 | 0.19% | 40.5th | 9.8 | | This vulnerability allows attackers to manipulate mail configuration files and execute arbitrary com |
| 5940 | CVE-2025-9967 | 0.19% | 40.4th | 9.8 | | The Orion SMS OTP Verification WordPress plugin allows unauthenticated attackers to reset any user's |
| 5941 | CVE-2025-59185 | 0.19% | 40.4th | 6.5 | | This vulnerability in Windows Core Shell allows attackers to manipulate file paths or names remotely |
| 5942 | CVE-2025-11533 | 0.19% | 40.4th | 9.8 | | The WP Freeio WordPress plugin allows unauthenticated attackers to register accounts with administra |
| 5943 | CVE-2026-0774 | 0.19% | 40.5th | 8.8 | | This vulnerability allows network-adjacent attackers to execute arbitrary code on WatchYourLAN insta |
| 5944 | CVE-2026-24042 | 0.19% | 40.4th | 9.4 | | This vulnerability allows unauthenticated attackers to execute unpublished edit-mode actions in publ |
| 5945 | CVE-2026-23946 | 0.19% | 40.5th | 6.8 | | This critical vulnerability allows authenticated staff users in Tendenci CMS to execute arbitrary co |
| 5946 | CVE-2024-48858 | 0.19% | 40.4th | 7.5 | | An improper input validation vulnerability in the PCX image codec in QNX SDP allows unauthenticated |
| 5947 | CVE-2024-6324 | 0.19% | 40.3th | 4.3 | | A denial-of-service vulnerability in GitLab allows attackers to create cyclic references between epi |
| 5948 | CVE-2024-38731 | 0.19% | 40.3th | 4.3 | | This CSRF vulnerability in the Marsian i-amaze WordPress theme allows attackers to trick authenticat |
| 5949 | CVE-2024-37237 | 0.19% | 40.3th | 4.3 | | This CSRF vulnerability in the FS Poster WordPress plugin allows attackers to trick authenticated ad |
| 5950 | CVE-2024-38778 | 0.19% | 40.3th | 4.3 | | A Cross-Site Request Forgery (CSRF) vulnerability in the WP Fast Total Search WordPress plugin allow |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.
