Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CISA KEV listed
35,468 CVEs with EPSS
0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6251 | CVE-2025-31564 | 0.18% | 39.5th | 8.5 | | This SQL injection vulnerability in the Ai Auto Tool Content Writing Assistant WordPress plugin allo |
| 6252 | CVE-2025-31561 | 0.18% | 39.5th | 8.5 | | This SQL injection vulnerability in the Ultimate Push Notifications WordPress plugin allows attacker |
| 6253 | CVE-2025-31089 | 0.18% | 39.5th | 8.5 | | This SQL injection vulnerability in Fahad Mahmood's Order Splitter for WooCommerce plugin allows att |
| 6254 | CVE-2025-31024 | 0.18% | 39.5th | 8.5 | | This SQL injection vulnerability in the RJ Quickcharts WordPress plugin allows attackers to execute |
| 6255 | CVE-2025-3609 | 0.18% | 39.4th | 5.3 | | The Reales WP STPT WordPress plugin allows unauthenticated attackers to create user accounts without |
| 6256 | CVE-2025-4150 | 0.18% | 39.4th | 8.8 | | A critical buffer overflow vulnerability in Netgear EX6200 routers allows remote attackers to execut |
| 6257 | CVE-2025-4148 | 0.18% | 39.4th | 8.8 | | A critical buffer overflow vulnerability in Netgear EX6200 routers allows remote attackers to execut |
| 6258 | CVE-2019-25321 | 0.18% | 39.4th | 9.8 | | CVE-2019-25321 is a critical stack overflow vulnerability in FTP Navigator 8.03 that allows attacker |
| 6259 | CVE-2025-7114 | 0.18% | 39.4th | 7.3 | | This critical vulnerability in SimStudioAI allows unauthenticated remote attackers to bypass authent |
| 6260 | CVE-2025-50861 | 0.18% | 39.4th | 6.5 | | The Lotus Cars Android app version 1.2.8 contains an exported component (PushDeepLinkActivity) that |
| 6261 | CVE-2025-8748 | 0.18% | 39.4th | 8.8 | | CVE-2025-8748 is a command injection vulnerability in MiR robot software that allows authenticated u |
| 6262 | CVE-2025-56749 | 0.18% | 39.4th | 9.4 | | This vulnerability allows attackers to forge valid JWT authentication tokens using a predictable har |
| 6263 | CVE-2025-41703 | 0.18% | 39.4th | 7.5 | | An unauthenticated remote attacker can send a Modbus command to turn off the output of an Uninterrup |
| 6264 | CVE-2025-60701 | 0.18% | 39.5th | 6.5 | | This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows u |
| 6265 | CVE-2025-11986 | 0.18% | 39.4th | 5.3 | | The Crypto WordPress plugin has an authentication bypass vulnerability that allows unauthenticated a |
| 6266 | CVE-2026-2163 | 0.18% | 39.3th | 4.7 | | This CVE describes a command injection vulnerability in D-Link DIR-600 routers affecting the ssdp.cg |
| 6267 | CVE-2025-36937 | 0.18% | 39.4th | 9.8 | | This critical vulnerability in Android's audio decoder allows remote attackers to execute arbitrary |
| 6268 | CVE-2025-54100 | 0.18% | 39.4th | 7.8 | | This command injection vulnerability in Windows PowerShell allows attackers to execute arbitrary cod |
| 6269 | CVE-2026-2081 | 0.18% | 39.3th | 4.7 | | This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers via the /goform/ |
| 6270 | CVE-2026-0990 | 0.18% | 39.5th | 5.9 | | A recursion vulnerability in libxml2's xmlCatalogXMLResolveURI function allows remote attackers to c |
| 6271 | CVE-2024-57548 | 0.18% | 39.2th | 9.1 | | CMSimple 5.16 contains a broken access control vulnerability that allows authenticated users to edit |
| 6272 | CVE-2024-26012 | 0.18% | 39.2th | 6.7 | | This CVE describes an OS command injection vulnerability in Fortinet FortiAP devices that allows loc |
| 6273 | CVE-2025-1646 | 0.18% | 39.3th | 7.3 | | This critical vulnerability in Lumsoft ERP 8 allows remote attackers to upload arbitrary files via t |
| 6274 | CVE-2025-29100 | 0.18% | 39.3th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC8 routers via a buff |
| 6275 | CVE-2024-9308 | 0.18% | 39.2th | 6.1 | | An open redirect vulnerability in haotian-liu/llava v1.2.0 allows attackers to redirect users to mal |
| 6276 | CVE-2025-25595 | 0.18% | 39.3th | 9.8 | | CVE-2025-25595 is an authentication bypass vulnerability in Safe App version a3.0.9 that allows atta |
| 6277 | CVE-2024-53695 | 0.18% | 39.3th | 9.1 | | A buffer overflow vulnerability in QNAP HBS 3 Hybrid Backup Sync allows remote attackers to modify m |
| 6278 | CVE-2025-27661 | 0.18% | 39.2th | 9.1 | | This CVE describes a session fixation vulnerability in Vasion Print (formerly PrinterLogic) that all |
| 6279 | CVE-2025-3912 | 0.18% | 39.3th | 5.3 | | This vulnerability allows unauthenticated attackers to read sensitive configuration data from the WS |
| 6280 | CVE-2025-27475 | 0.18% | 39.2th | 7.0 | | This vulnerability in Windows Update Stack allows local attackers with existing system access to rea |
| 6281 | CVE-2024-52962 | 0.18% | 39.3th | 5.3 | | An unauthenticated remote attacker can inject malicious content into FortiAnalyzer and FortiManager |
| 6282 | CVE-2025-3241 | 0.18% | 39.3th | 6.3 | | This XXE vulnerability in YoukeFu allows attackers to read arbitrary files from the server by exploi |
| 6283 | CVE-2025-35003 | 0.18% | 39.2th | 9.8 | | This CVE describes memory buffer and stack-based buffer overflow vulnerabilities in Apache NuttX RTO |
| 6284 | CVE-2025-4559 | 0.18% | 39.3th | 9.8 | | CVE-2025-4559 is a critical SQL injection vulnerability in Netvision ISOinsight software that allows |
| 6285 | CVE-2025-3708 | 0.18% | 39.3th | 9.8 | | CVE-2025-3708 is a critical SQL injection vulnerability in Le-show medical practice management syste |
| 6286 | CVE-2025-6069 | 0.18% | 39.3th | 4.3 | | This CVE describes a denial-of-service vulnerability in Python's html.parser.HTMLParser class where |
| 6287 | CVE-2025-47984 | 0.18% | 39.3th | 7.5 | | This vulnerability in Windows GDI (Graphics Device Interface) allows an unauthorized attacker to rem |
| 6288 | CVE-2025-63221 | 0.18% | 39.3th | 9.1 | | This vulnerability allows unauthenticated remote attackers to bypass authentication on Axel Technolo |
| 6289 | CVE-2025-64754 | 0.18% | 39.3th | N/A | | This vulnerability in Jitsi Meet allows attackers to hijack the OAuth authentication window for Micr |
| 6290 | CVE-2025-11366 | 0.18% | 39.3th | 9.8 | | N-central versions before 2025.4 contain a path traversal vulnerability that allows attackers to byp |
| 6291 | CVE-2025-56124 | 0.18% | 39.3th | 7.8 | | This CVE describes an OS command injection vulnerability in Ruijie X60 PRO routers that allows attac |
| 6292 | CVE-2025-63362 | 0.18% | 39.3th | 9.8 | | This vulnerability allows attackers to set blank administrator credentials on Waveshare serial-to-Et |
| 6293 | CVE-2024-57766 | 0.18% | 39.1th | 9.1 | | This vulnerability allows remote code execution through fastjson deserialization in MSFM's table edi |
| 6294 | CVE-2024-57763 | 0.18% | 39.1th | 9.1 | | This CVE describes a fastjson deserialization vulnerability in MSFM that allows remote code executio |
| 6295 | CVE-2024-57762 | 0.18% | 39.1th | 7.5 | | MSFM before version 2025.01.01 contains a deserialization vulnerability in its pom.xml configuration |
| 6296 | CVE-2025-27154 | 0.18% | 39.2th | 9.8 | | Spotipy versions before 2.25.1 create cache files with overly permissive 644 permissions, exposing S |
| 6297 | CVE-2025-27296 | 0.18% | 39.2th | 7.2 | | This CVE describes a Missing Authorization vulnerability in the Revenueflex Auto Ad Inserter WordPre |
| 6298 | CVE-2024-12917 | 0.18% | 39.2th | 8.3 | | This vulnerability in Agito Computer Health4All allows unauthorized external parties to access files |
| 6299 | CVE-2025-25678 | 0.18% | 39.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda i12 routers by sending |
| 6300 | CVE-2025-25662 | 0.18% | 39.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda O4 V3.0 routers via a |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
