Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Columns: Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary (the Flags column is empty for every row shown here; summaries are truncated as on the original page)

5901 | CVE-2025-2309 | 0.06% | 17th | 5.3 | A critical heap-based buffer overflow vulnerability in HDF5 library's type conversion logic allows a
5902 | CVE-2024-34398 | 0.06% | 17th | 4.2 | CVE-2024-34398 is a stored HTML injection vulnerability in BMC Remedy Mid Tier 7.6.04 that allows au
5903 | CVE-2025-1898 | 0.06% | 17.2th | 6.5 | A critical buffer overflow vulnerability in Tenda TX3 routers allows remote attackers to execute arb
5904 | CVE-2025-1896 | 0.06% | 17.2th | 6.5 | A critical buffer overflow vulnerability in Tenda TX3 routers allows remote attackers to execute arb
5905 | CVE-2024-54179 | 0.06% | 17th | 5.4 | This CVE describes a cross-site scripting (XSS) vulnerability in IBM Business Automation Workflow an
5906 | CVE-2025-3280 | 0.06% | 17.2th | 6.5 | This SQL injection vulnerability in the ELEX WooCommerce Advanced Bulk Edit plugin allows authentica
5907 | CVE-2025-5390 | 0.06% | 17.1th | 6.3 | This critical vulnerability in JeeWMS allows remote attackers to bypass access controls on the file
5908 | CVE-2025-4691 | 0.06% | 17th | 5.3 | The Free Booking Plugin for WordPress is vulnerable to Insecure Direct Object Reference (IDOR) allow
5909 | CVE-2025-2571 | 0.06% | 17.1th | 4.2 | Mattermost fails to clear Google OAuth credentials when converting user accounts to bot accounts, al
5910 | CVE-2025-48334 | 0.06% | 17.2th | 6.5 | This CVE describes a Missing Authorization vulnerability in Woo Slider Pro WordPress plugin that all
5911 | CVE-2025-39412 | 0.06% | 17th | 4.3 | A missing authorization vulnerability in the Master Slider WordPress plugin allows attackers to perf
5912 | CVE-2025-39376 | 0.06% | 17th | 4.3 | This CVE describes a missing authorization vulnerability in the Car Park Booking System for WordPres
5913 | CVE-2025-48268 | 0.06% | 17th | 4.3 | This CVE describes a Missing Authorization vulnerability in the Guru Team Bot for Telegram on WooCom
5914 | CVE-2025-48128 | 0.06% | 17th | 4.3 | This CVE describes a Missing Authorization vulnerability in the Sharespine WooCommerce Connector Wor
5915 | CVE-2025-48079 | 0.06% | 17th | 4.3 | This CVE describes a missing authorization vulnerability in ProfileGrid WordPress plugin that allows
5916 | CVE-2025-47534 | 0.06% | 17th | 4.3 | This CVE describes a missing authorization vulnerability in the WordPress Auto Spinner plugin that a
5917 | CVE-2025-39511 | 0.06% | 17th | 4.3 | This CVE describes a missing authorization vulnerability in the WordPress Pinterest Automatic Pin pl
5918 | CVE-2025-32180 | 0.06% | 17th | 4.3 | A missing authorization vulnerability in the CSS3 Tooltips for WordPress plugin allows attackers to
5919 | CVE-2025-31063 | 0.06% | 17th | 4.3 | This CVE describes a Missing Authorization vulnerability in the redqteam Wishlist WordPress plugin t
5920 | CVE-2025-46742 | 0.06% | 17th | 4.3 | This vulnerability allows users who are required to change their password to access system informati
5921 | CVE-2025-0936 | 0.06% | 17th | 6.5 | Arista EOS devices with gNMI transport enabled may log or transmit remote server credentials when us
5922 | CVE-2025-47692 | 0.06% | 17th | 4.3 | This CVE describes a missing authorization vulnerability in the ContentStudio WordPress plugin that
5923 | CVE-2025-47528 | 0.06% | 17th | 4.3 | This CVE describes a Missing Authorization vulnerability in the pewilliams Ovation Elements WordPres
5924 | CVE-2025-20967 | 0.06% | 17.2th | 5.1 | This vulnerability allows attackers to read and write arbitrary files with Samsung Gallery's privile
5925 | CVE-2025-0915 | 0.06% | 17th | 5.3 | This vulnerability in IBM Db2 allows authenticated users to cause denial of service by exhausting me
5926 | CVE-2025-1992 | 0.06% | 17th | 5.3 | This vulnerability in IBM Db2 allows authenticated users in a federation environment to cause a deni
5927 | CVE-2025-1327 | 0.06% | 17th | 4.3 | The Homey WordPress theme has an Insecure Direct Object Reference vulnerability that allows authenti
5928 | CVE-2025-6879 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in SourceCodester Best Salon Management System 1.0 allows
5929 | CVE-2025-6877 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in SourceCodester Best Salon Management System 1.0 allows
5930 | CVE-2025-6875 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in SourceCodester Best Salon Management System 1.0 allows
5931 | CVE-2025-6869 | 0.06% | 17.1th | 4.7 | This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in
5932 | CVE-2025-6492 | 0.06% | 17.2th | 5.3 | This vulnerability in MarkText allows remote attackers to cause denial of service through inefficien
5933 | CVE-2025-6417 | 0.06% | 17th | 6.3 | This CVE describes a critical SQL injection vulnerability in PHPGurukul Art Gallery Management Syste
5934 | CVE-2025-6415 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in PHPGurukul Art Gallery Management System allows remote
5935 | CVE-2025-6413 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in PHPGurukul Art Gallery Management System allows remote
5936 | CVE-2025-6411 | 0.06% | 17th | 6.3 | This critical SQL injection vulnerability in PHPGurukul Art Gallery Management System 1.1 allows rem
5937 | CVE-2025-5760 | 0.06% | 17.1th | 4.9 | The Simple History WordPress plugin versions before 5.8.1 expose user passwords in clear text when D
5938 | CVE-2025-52081 | 0.06% | 17.2th | 6.5 | A stack-based buffer overflow vulnerability in Netgear XR300 routers allows attackers to execute arb
5939 | CVE-2025-33032 | 0.06% | 17.2th | 4.9 | A path traversal vulnerability in QNAP operating systems allows authenticated attackers with adminis
5940 | CVE-2025-30272 | 0.06% | 17th | 6.5 | A NULL pointer dereference vulnerability in QNAP operating systems allows attackers to cause denial-
5941 | CVE-2025-43751 | 0.06% | 17th | 5.3 | This vulnerability allows remote attackers to determine if user accounts exist in Liferay Portal/DXP
5942 | CVE-2025-26484 | 0.06% | 17th | 5.5 | Dell CloudLink versions 8.0 through 8.1.1 contain an XML External Entity (XXE) vulnerability that al
5943 | CVE-2025-51057 | 0.06% | 17.1th | 6.5 | This CVE describes a local file inclusion vulnerability in Vedo Suite version 2024.17 that allows au
5944 | CVE-2025-6941 | 0.06% | 17.2th | 6.4 | This stored XSS vulnerability in the LatePoint WordPress plugin allows authenticated attackers with
5945 | CVE-2025-11051 | 0.06% | 17th | 4.3 | This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in SourceCodester Pet Grooming
5946 | CVE-2025-0663 | 0.06% | 17th | 6.8 | A cross-tenant authentication vulnerability in WSO2 products allows privileged users in one tenant t
5947 | CVE-2025-59350 | 0.06% | 17.2th | 5.3 | Dragonfly's proxy access control mechanism prior to version 2.1.0 uses simple string comparisons vul
5948 | CVE-2025-55904 | 0.06% | 17th | 4.0 | Open5GS v2.7.5 is vulnerable to a NULL pointer dereference when receiving multipart/related HTTP POS
5949 | CVE-2025-10401 | 0.06% | 17.2th | 6.3 | This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-823x routers
5950 | CVE-2025-9516 | 0.06% | 17th | 4.9 | The atec Debug WordPress plugin contains an arbitrary file read vulnerability that allows authentica

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.
