Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- CVEs with EPSS > 50%: 164
- CISA KEV listed: 156
- CVEs with an EPSS score: 35,468
- Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
---- | ------ | ---------- | ---------- | ---- | ----- | -------
551 | CVE-2025-48927 | 5.39% | 89.9th | 5.3 | KEV | The TeleMessage service exposes a Spring Boot Actuator heap dump endpoint at /heapdump, allowing att
552 | CVE-2024-13180 | 5.38% | 89.9th | 7.5 | | CVE-2024-13180 is a path traversal vulnerability in Ivanti Avalanche that allows remote unauthentica
553 | CVE-2024-12583 | 5.34% | 89.8th | 9.9 | | The Dynamics 365 Integration plugin for WordPress has a Server-Side Template Injection vulnerability
554 | CVE-2025-22462 | 5.32% | 89.8th | 9.8 | | An authentication bypass vulnerability in Ivanti Neurons for ITSM on-premises deployments allows rem
555 | CVE-2025-57200 | 5.3% | 89.8th | 6.5 | | This CVE describes an authenticated command injection vulnerability in AVTECH SECURITY Corporation's
556 | CVE-2025-21348 | 5.24% | 89.7th | 7.2 | | This vulnerability allows remote attackers to execute arbitrary code on Microsoft SharePoint Server
557 | CVE-2025-34038 | 5.22% | 89.7th | 7.5 | | This SQL injection vulnerability in Weaver e-cology 8.0 allows unauthenticated attackers to execute
558 | CVE-2024-13742 | 5.11% | 89.6th | 9.8 | | The iControlWP WordPress plugin is vulnerable to PHP object injection via deserialization of untrust
559 | CVE-2025-23025 | 5.05% | 89.5th | 9.0 | | In XWiki Platform, users with only edit rights can join realtime editing sessions and insert script
560 | CVE-2026-1687 | 5.03% | 89.5th | 7.3 | | This CVE describes a command injection vulnerability in Tenda HG10 routers through the Boa webserver
561 | CVE-2025-24984 | 4.97% | 89.4th | 4.6 | KEV | This vulnerability allows sensitive information to be written to Windows NTFS log files, which could
562 | CVE-2025-4123 | 4.96% | 89.4th | 7.6 | | This CVE describes a cross-site scripting (XSS) vulnerability in Grafana that combines client path t
563 | CVE-2026-1207 | 4.96% | 89.4th | 5.4 | | This SQL injection vulnerability in Django's RasterField implementation for PostGIS allows remote at
564 | CVE-2025-29062 | 4.96% | 89.4th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on BL-AC2100 routers by exploit
565 | CVE-2024-53842 | 4.94% | 89.4th | 9.8 | | This critical vulnerability allows remote attackers to execute arbitrary code on affected Android de
566 | CVE-2025-1743 | 4.93% | 89.4th | 5.3 | | This critical vulnerability in Pichome 2.1.0 allows remote attackers to perform path traversal attac
567 | CVE-2025-20393 | 4.91% | 89.4th | 10.0 | KEV | An unauthenticated remote attacker can execute arbitrary system commands with root privileges on Cis
568 | CVE-2025-3729 | 4.89% | 89.3th | 7.3 | | This critical vulnerability allows remote attackers to execute arbitrary operating system commands o
569 | CVE-2025-3520 | 4.88% | 89.3th | 8.1 | | The Avatar WordPress plugin has an arbitrary file deletion vulnerability that allows authenticated a
570 | CVE-2025-59403 | 4.84% | 89.3th | 9.8 | | The Flock Safety Collins Android app exposes unauthenticated administrative API endpoints on port 80
571 | CVE-2023-53962 | 4.83% | 89.3th | 7.5 | | CVE-2023-53962 is an unauthenticated directory traversal vulnerability in SOUND4 IMPACT/FIRST/PULSE/
572 | CVE-2025-2594 | 4.81% | 89.3th | 8.1 | | This vulnerability in the User Registration & Membership WordPress plugin allows attackers to authen
573 | CVE-2024-48589 | 4.81% | 89.2th | 6.3 | | This is a Cross-Site Scripting (XSS) vulnerability in Gilnei Moraes phpABook v0.9 that allows remote
574 | CVE-2025-1550 | 4.79% | 89.2th | 9.8 | | CVE-2025-1550 is a critical remote code execution vulnerability in Keras where the Model.load_model
575 | CVE-2024-48841 | 4.78% | 89.2th | 10.0 | | This critical vulnerability in FLXEON software allows remote attackers to execute arbitrary code wit
576 | CVE-2025-0851 | 4.71% | 89.1th | 9.8 | | A path traversal vulnerability in Deep Java Library's ZipUtils.unzip and TarUtils.untar functions al
577 | CVE-2025-57789 | 4.69% | 89.1th | 5.4 | | This vulnerability allows remote attackers to gain administrative control of affected systems by exp
578 | CVE-2025-23209 | 4.66% | 89.1th | 8.0 | KEV | This is a remote code execution vulnerability in Craft CMS versions 4 and 5 that allows attackers to
579 | CVE-2025-22949 | 4.65% | 89.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary commands on Tenda AC9 routers by inj
580 | CVE-2025-27780 | 4.6% | 89th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Applio voice conversion tool
581 | CVE-2025-54313 | 4.59% | 89th | 7.5 | KEV | This CVE describes a supply chain compromise where malicious versions of eslint-config-prettier cont
582 | CVE-2025-44860 | 4.54% | 88.9th | 6.5 | | This CVE describes a command injection vulnerability in TOTOLINK CA300-POE routers that allows attac
583 | CVE-2025-44848 | 4.54% | 88.9th | 6.5 | | This CVE describes a command injection vulnerability in TOTOLINK CA600-PoE routers that allows attac
584 | CVE-2025-44844 | 4.54% | 88.9th | 6.5 | | This CVE describes a command injection vulnerability in TOTOLINK CA600-PoE routers that allows attac
585 | CVE-2025-44842 | 4.54% | 88.9th | 6.5 | | This CVE describes a command injection vulnerability in TOTOLINK CA600-PoE routers that allows attac
586 | CVE-2025-44840 | 4.54% | 88.9th | 6.5 | | This CVE describes a command injection vulnerability in TOTOLINK CA600-PoE routers that allows attac
587 | CVE-2024-8673 | 4.48% | 88.8th | 9.1 | | The Z-Downloads WordPress plugin before version 1.11.7 fails to properly validate uploaded SVG files
588 | CVE-2025-3439 | 4.48% | 88.8th | 9.8 | | The Everest Forms WordPress plugin is vulnerable to PHP object injection via deserialization of untr
589 | CVE-2024-48197 | 4.46% | 88.8th | 4.7 | | This cross-site scripting (XSS) vulnerability in Audiocodes MP-202b version 4.4.3 allows attackers t
590 | CVE-2025-67254 | 4.41% | 88.8th | 7.5 | | NagiosXI 2026R1.0.1 build 1762361101 contains a directory traversal vulnerability in /admin/coreconf
591 | CVE-2024-48760 | 4.4% | 88.7th | 9.8 | | CVE-2024-48760 is a critical remote code execution vulnerability in GestioIP v3.5.7 that allows atta
592 | CVE-2025-57808 | 4.38% | 88.7th | 8.1 | | This authentication bypass vulnerability in ESPHome allows attackers to access web server functional
593 | CVE-2025-24472 | 4.37% | 88.7th | 8.1 | KEV | This authentication bypass vulnerability in FortiOS and FortiProxy allows remote unauthenticated att
594 | CVE-2025-6802 | 4.36% | 88.7th | 9.8 | | This vulnerability allows unauthenticated remote attackers to upload arbitrary files to Marvell QCon
595 | CVE-2026-1689 | 4.33% | 88.7th | 7.3 | | This CVE describes a remote command injection vulnerability in Tenda HG10 routers. Attackers can exe
596 | CVE-2024-13545 | 4.31% | 88.6th | 9.8 | | The Bootstrap Ultimate WordPress theme contains a Local File Inclusion vulnerability that allows una
597 | CVE-2025-31486 | 4.31% | 88.6th | 5.3 | | This vulnerability in Vite allows attackers to bypass file access restrictions and read arbitrary fi
598 | CVE-2024-13483 | 4.3% | 88.6th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes – SAIA Edition WordPress plugin allows
599 | CVE-2024-13479 | 4.3% | 88.6th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes WordPress plugin allows unauthenticated a
600 | CVE-2024-13489 | 4.3% | 88.6th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes WordPress plugin allows unauthenticated a

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
