Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6051 | CVE-2024-12679 | | 16.8th | 4.8 | | The Prisna GWT WordPress plugin before version 1.4.14 contains a stored cross-site scripting (XSS) v |
| 6052 | CVE-2024-11266 | | 16.8th | 4.8 | | The Geocache Stat Bar Widget WordPress plugin through version 0.911 contains a stored cross-site scr |
| 6053 | CVE-2024-11109 | | 16.8th | 4.8 | | This vulnerability in the WP Google Review Slider WordPress plugin allows administrators to inject m |
| 6054 | CVE-2024-10475 | | 16.8th | 4.8 | | This vulnerability allows WordPress administrators to inject malicious scripts into plugin settings, |
| 6055 | CVE-2024-10149 | | 16.8th | 4.8 | | The Social Slider Feed WordPress plugin before version 2.2.9 contains a stored cross-site scripting |
| 6056 | CVE-2024-10144 | | 16.8th | 4.8 | | This vulnerability in the Rbs Image Gallery WordPress plugin allows high-privilege users (like contr |
| 6057 | CVE-2024-10107 | | 16.8th | 4.8 | | This vulnerability in the RafflePress WordPress plugin allows administrators to inject malicious scr |
| 6058 | CVE-2024-10054 | | 16.8th | 4.8 | | This vulnerability in the Happyforms WordPress plugin allows administrators to inject malicious scri |
| 6059 | CVE-2025-3504 | | 16.8th | 4.8 | | The WP Maps WordPress plugin before version 4.7.2 contains a stored cross-site scripting (XSS) vulne |
| 6060 | CVE-2025-3502 | | 16.8th | 4.8 | | This vulnerability in the WP Maps WordPress plugin allows administrators to inject malicious scripts |
| 6061 | CVE-2025-6839 | | 16.7th | 6.3 | | A critical backdoor vulnerability in Conjure Position Department Service Quality Evaluation System a |
| 6062 | CVE-2025-30753 | | 16.9th | 6.5 | | This vulnerability in Oracle WebLogic Server allows authenticated attackers with low privileges to c |
| 6063 | CVE-2025-48810 | | 16.7th | 5.5 | | This vulnerability allows an authorized attacker with local access to exploit processor optimization |
| 6064 | CVE-2025-26636 | | 16.7th | 5.5 | | This vulnerability in the Windows Kernel allows an authorized attacker to disclose sensitive informa |
| 6065 | CVE-2025-7099 | | 16.7th | 5.6 | | This vulnerability in BoyunCMS allows remote attackers to execute arbitrary code through deserializa |
| 6066 | CVE-2025-57752 | | 16.9th | 6.2 | | Next.js Image Optimization API routes have a cache key confusion vulnerability that could serve cach |
| 6067 | CVE-2025-54733 | | 16.8th | 6.5 | | This vulnerability allows attackers to bypass authorization controls in the All Bootstrap Blocks Wor |
| 6068 | CVE-2025-36114 | | 16.9th | 6.5 | | IBM QRadar SOAR Plugin App versions 1.0.0 through 5.6.0 contain a directory traversal vulnerability |
| 6069 | CVE-2025-43743 | | 16.9th | 4.3 | | This vulnerability in Liferay Portal and DXP allows any authenticated user to enumerate other users' |
| 6070 | CVE-2025-49745 | | 16.8th | 5.4 | | This cross-site scripting (XSS) vulnerability in Microsoft Dynamics 365 (on-premises) allows attacke |
| 6071 | CVE-2025-8796 | | 16.7th | 5.4 | | This vulnerability in LitmusChaos Litmus allows unauthorized deletion of projects due to missing aut |
| 6072 | CVE-2025-8753 | | 16.6th | 5.4 | | This critical vulnerability in litemall allows attackers to perform path traversal attacks via the d |
| 6073 | CVE-2025-23334 | | 16.7th | 5.9 | | CVE-2025-23334 is an out-of-bounds read vulnerability in NVIDIA Triton Inference Server's Python bac |
| 6074 | CVE-2025-43980 | | 16.8th | 6.5 | | FIRSTNUM JC21A-04 devices have SSH enabled by default with hardcoded root/admin credentials that can |
| 6075 | CVE-2025-57879 | | 16.9th | 6.1 | | This vulnerability allows remote attackers to create malicious URLs that redirect users to arbitrary |
| 6076 | CVE-2025-57878 | | 16.9th | 6.1 | | An unvalidated redirect vulnerability in Esri Portal for ArcGIS allows attackers to craft malicious |
| 6077 | CVE-2025-57872 | | 16.9th | 6.1 | | This CVE describes an unvalidated redirect vulnerability in Esri Portal for ArcGIS that allows attac |
| 6078 | CVE-2025-54831 | | 16.7th | 6.5 | | Apache Airflow 3.0.3 has a security flaw where users with READ permissions can view sensitive connec |
| 6079 | CVE-2025-10992 | | 16.8th | 5.3 | | This vulnerability in roncoo-pay allows improper authorization through manipulation of the /user/inf |
| 6080 | CVE-2025-10952 | | 16.8th | 5.3 | | This vulnerability in geyang ml-logger allows remote attackers to perform information disclosure by |
| 6081 | CVE-2025-59539 | | 16.9th | 6.3 | | This is a stored cross-site scripting (XSS) vulnerability in DNN CMS where authenticated users can i |
| 6082 | CVE-2025-58015 | | 16.6th | 5.3 | | This vulnerability in the Ays Pro Quiz Maker WordPress plugin allows unauthorized users to retrieve |
| 6083 | CVE-2025-59412 | | 16.7th | 5.4 | | CubeCart versions before 6.5.11 have a cross-site scripting (XSS) vulnerability in the product revie |
| 6084 | CVE-2025-10762 | | 16.8th | 6.3 | | This CVE describes a SQL injection vulnerability in kuaifan DooTask's UsersController.php file. Atta |
| 6085 | CVE-2025-57880 | | 16.9th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in BlueSpice's WhoIsOnline extension d |
| 6086 | CVE-2025-48007 | | 16.9th | 6.4 | | This CVE describes an improper output encoding vulnerability in BlueSpice's Avatars extension that a |
| 6087 | CVE-2025-46703 | | 16.9th | 6.4 | | This vulnerability allows attackers to inject malicious scripts into BlueSpice wiki pages through th |
| 6088 | CVE-2025-57815 | | 16.7th | 6.5 | | Fides Admin UI login endpoint lacks specific anti-automation controls, allowing attackers to conduct |
| 6089 | CVE-2026-21258 | | 16.7th | 5.5 | | This vulnerability in Microsoft Office Excel allows an attacker to exploit improper input validation |
| 6090 | CVE-2025-62259 | | 16.7th | 5.4 | | This vulnerability allows remote users to access and edit content via APIs in Liferay Portal and DXP |
| 6091 | CVE-2025-12331 | | 16.8th | 4.7 | | Willow CMS up to version 1.4.0 contains an unrestricted file upload vulnerability in the /admin/imag |
| 6092 | CVE-2025-8666 | | 16.7th | 6.4 | | This stored XSS vulnerability in the Testimonial Carousel For Elementor WordPress plugin allows auth |
| 6093 | CVE-2025-11944 | | 16.7th | 4.7 | | This SQL injection vulnerability in Vvveb CMS allows attackers to execute arbitrary SQL commands thr |
| 6094 | CVE-2025-61780 | | 16.8th | 5.8 | | This vulnerability allows attackers to bypass proxy-level access restrictions in Rack applications u |
| 6095 | CVE-2025-52624 | | 16.8th | 5.4 | | This vulnerability allows attackers to bypass script allowlist configurations in HCL AION due to an |
| 6096 | CVE-2025-43825 | | 16.7th | 6.5 | | This vulnerability in Liferay Portal and DXP allows unauthorized actors to access sensitive user dat |
| 6097 | CVE-2025-52654 | | 16.7th | 4.6 | | HCL MyXalytics v6.6 has an HTML injection vulnerability where untrusted input isn't properly sanitiz |
| 6098 | CVE-2025-20366 | | 16.8th | 6.5 | | A low-privileged user in Splunk Enterprise or Splunk Cloud Platform can access sensitive search resu |
| 6099 | CVE-2025-5092 | | 16.7th | 6.4 | | This CVE describes a stored cross-site scripting (XSS) vulnerability in WordPress plugins/themes usi |
| 6100 | CVE-2025-13423 | | 16.8th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to Campcodes Retro Basketball S |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation — making it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.