Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6351 | CVE-2025-21257 | | 38.9th | 5.5 | | This vulnerability in Windows WLAN AutoConfig Service allows an authenticated attacker to read sensi |
| 6352 | CVE-2025-0463 | | 38.9th | 6.3 | | This critical vulnerability in Shanghai Lingdang Information Technology's Lingdang CRM allows remote |
| 6353 | CVE-2025-23082 | | 38.9th | 7.2 | | Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF), allowing unaut |
| 6354 | CVE-2024-54997 | | 38.9th | 5.4 | | MonicaHQ v4.1.1 contains an authenticated client-side injection vulnerability in the journal entry t |
| 6355 | CVE-2024-56246 | | 38.9th | 6.5 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by the Next |
| 6356 | CVE-2025-26604 | | 38.9th | 8.3 | | CVE-2025-26604 is a critical vulnerability in Discord-Bot-Framework-Kernel that allows arbitrary cod |
| 6357 | CVE-2024-13372 | | 38.9th | 5.3 | | This vulnerability allows unauthenticated attackers to download user resumes without authorization i |
| 6358 | CVE-2025-21104 | | 38.9th | 4.3 | | Dell NetWorker Management Console versions prior to 19.11.0.4 and version 19.12 contain an open redi |
| 6359 | CVE-2025-30718 | | 38.9th | 5.4 | | This vulnerability in Oracle E-Business Suite's Applications Framework allows authenticated attacker |
| 6360 | CVE-2025-6379 | | 38.9th | 8.8 | | The BeeTeam368 Extensions Pro WordPress plugin contains a directory traversal vulnerability that all |
| 6361 | CVE-2019-25327 | | 38.9th | 9.8 | | CVE-2019-25327 is a critical buffer overflow vulnerability in Prime95 version 29.8 build 6 that allo |
| 6362 | CVE-2019-25319 | | 38.9th | 9.8 | | CVE-2019-25319 is a critical stack overflow vulnerability in Domain Quester Pro 6.02 that allows rem |
| 6363 | CVE-2024-32832 | | 38.9th | 9.8 | | This CVE describes a Missing Authorization vulnerability in the WordPress Login with Phone Number pl |
| 6364 | CVE-2025-8268 | | 38.9th | 6.5 | | The AI Engine WordPress plugin up to version 2.9.5 lacks proper authentication checks in its REST AP |
| 6365 | CVE-2025-20370 | | 38.9th | 4.9 | | This vulnerability allows authenticated Splunk users with the 'change_authentication' capability to |
| 6366 | CVE-2025-7820 | | 38.9th | 7.5 | | The SKT PayPal for WooCommerce WordPress plugin has a payment bypass vulnerability that allows unaut |
| 6367 | CVE-2025-13206 | | 38.9th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious JavaScript into WordPress si |
| 6368 | CVE-2025-63531 | | 38.9th | 10.0 | | This SQL injection vulnerability in Blood Bank Management System 1.0 allows attackers to bypass auth |
| 6369 | CVE-2025-7072 | | 38.9th | N/A | | This CVE describes a critical vulnerability in KAON CG3000TC and CG3000T routers where hard-coded cr |
| 6370 | CVE-2024-36510 | | 38.8th | 5.3 | | This vulnerability allows unauthenticated attackers to enumerate valid user accounts on Fortinet pro |
| 6371 | CVE-2025-0061 | | 38.7th | 8.7 | | SAP BusinessObjects Business Intelligence Platform has an information disclosure vulnerability that |
| 6372 | CVE-2025-1402 | | 38.8th | 5.3 | | This vulnerability in the Event Tickets and Registration WordPress plugin allows authenticated attac |
| 6373 | CVE-2025-22657 | | 38.7th | 7.5 | | This CVE describes a missing authorization vulnerability in the Atarim WordPress plugin that allows |
| 6374 | CVE-2025-24876 | | 38.8th | 8.1 | | CVE-2025-24876 is an authentication bypass vulnerability in SAP Approuter Node.js package that allow |
| 6375 | CVE-2025-2074 | | 38.7th | 5.3 | | This SQL injection vulnerability in the Advanced Google reCAPTCHA WordPress plugin allows authentica |
| 6376 | CVE-2025-0452 | | 38.8th | 8.2 | | DB-GPT versions on Windows systems are vulnerable to arbitrary file deletion through the '/v1/agent/ |
| 6377 | CVE-2025-27415 | | 38.8th | 7.5 | | This vulnerability allows attackers to poison CDN caches by sending crafted HTTP requests to Nuxt ap |
| 6378 | CVE-2024-12650 | | 38.7th | 5.4 | | This vulnerability allows low-privileged attackers to manipulate memory size requests, causing the a |
| 6379 | CVE-2025-21416 | | 38.7th | 8.5 | | This vulnerability in Azure Virtual Desktop allows authenticated attackers to escalate privileges th |
| 6380 | CVE-2025-47697 | | 38.7th | 7.5 | | CVE-2025-47697 is an authentication bypass vulnerability in wivia 5 where client-side security contr |
| 6381 | CVE-2025-20154 | | 38.8th | 8.6 | | An out-of-bounds array access vulnerability in Cisco's TWAMP server implementation allows unauthenti |
| 6382 | CVE-2025-6212 | | 38.8th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress sites |
| 6383 | CVE-2025-1478 | | 38.7th | 6.5 | | A denial-of-service vulnerability in GitLab CE/EE allows attackers to crash the service by exploitin |
| 6384 | CVE-2025-20261 | | 38.8th | 8.8 | | This vulnerability allows authenticated remote attackers to bypass SSH restrictions on Cisco UCS ser |
| 6385 | CVE-2025-8097 | | 38.8th | 5.3 | | The WoodMart WordPress theme has an input validation vulnerability that allows unauthenticated attac |
| 6386 | CVE-2025-46199 | | 38.7th | 9.8 | | A cross-site scripting (XSS) vulnerability in Grav CMS versions 1.7.48 and earlier allows attackers |
| 6387 | CVE-2025-20684 | | 38.7th | 9.8 | | This CVE describes a critical out-of-bounds write vulnerability in MediaTek's WLAN AP driver. An att |
| 6388 | CVE-2025-20682 | | 38.7th | 9.8 | | This vulnerability in MediaTek wlan AP driver allows local attackers to write beyond allocated memor |
| 6389 | CVE-2025-20680 | | 38.7th | 9.8 | | This CVE describes a critical Bluetooth driver vulnerability allowing local privilege escalation wit |
| 6390 | CVE-2025-20309 | | 38.8th | 10.0 | | This critical vulnerability allows unauthenticated remote attackers to log into Cisco Unified Commun |
| 6391 | CVE-2025-8898 | | 38.8th | 9.8 | | This vulnerability allows unauthenticated attackers to change any user's email address in the Taxi B |
| 6392 | CVE-2025-6921 | | 38.7th | 7.5 | | This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in the huggingface/t |
| 6393 | CVE-2025-11630 | | 38.7th | 6.3 | | This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attacker |
| 6394 | CVE-2025-55972 | | 38.7th | 7.5 | | This vulnerability allows remote attackers to cause a Denial of Service (DoS) on TCL Smart TVs by fl |
| 6395 | CVE-2025-2026 | | 38.7th | N/A | | This vulnerability allows authenticated remote attackers with web read-only privileges to execute nu |
| 6396 | CVE-2025-14539 | | 38.7th | 5.4 | | The Shortcode Ajax WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes |
| 6397 | CVE-2025-12510 | | 38.7th | 7.2 | | The Widgets for Google Reviews WordPress plugin has a stored XSS vulnerability that allows unauthent |
| 6398 | CVE-2025-11131 | | 38.8th | 7.5 | | This vulnerability in nr modem software allows remote attackers to cause a system crash through impr |
| 6399 | CVE-2025-22221 | | 38.7th | 5.2 | | VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability where an authen |
| 6400 | CVE-2025-24353 | | 38.6th | 5.0 | | This vulnerability in Directus allows users with typical permissions to specify arbitrary roles when |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days; scores are recomputed daily as new exploitation evidence arrives. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which is what makes it useful for deciding which vulnerabilities to patch first. The Percentile column above is relative rather than absolute: it is the fraction of all scored CVEs whose EPSS score is at or below this one, so a CVE at the 38.9th percentile is outranked by roughly 61% of the scored population. Every row on this page sits near that mark, which is why CVSS 9.8 and 10.0 entries appear here with the same exploitation outlook as 4.3 and 5.3 ones.
Why EPSS matters: With thousands of CVEs published monthly, not all of them are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. The reverse caution applies too: a low EPSS is a low probability, not proof of safety, so CVSS severity, exposure and asset criticality still belong in the decision, and a score that is low today can jump once a public exploit appears.
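As an added example of the prioritization this section describes (this is not the page's own code, nor code from FIRST.org), the Python below parses a constructed response in the shape of the FIRST EPSS API, joins it onto CVSS scores as a scanner would report them, and ranks the same findings both ways so the CVSS 9.8 / EPSS 0.1% versus CVSS 7.5 / EPSS 90% case from the paragraph above is visible in the output. The CVE IDs, EPSS values, percentiles and CVSS scores are made up; the API URL and the `epss` and `percentile` field names are the real ones.

```python
"""Rank CVEs by EPSS probability instead of CVSS severity.

Added example, not the page's own code. The API response below is a
constructed sample that mirrors the JSON shape of the FIRST EPSS API
(GET https://api.first.org/data/v1/epss?cve=...); its CVE IDs, EPSS and
CVSS values are made up for illustration.
"""
import json
from dataclasses import dataclass
from typing import Optional

# Constructed sample response. The real API returns "epss" (probability of
# exploitation in the next 30 days) and "percentile" (fraction of all scored
# CVEs with an EPSS score at or below this one) as decimal strings in 0..1.
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "total": 4,
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.00100", "percentile": "0.38900", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.90000", "percentile": "0.99800", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.04500", "percentile": "0.92000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.00050", "percentile": "0.20000", "date": "2025-01-01"},
    ],
})

# Constructed CVSS base scores as a scanner would report them. None stands in
# for the "N/A" rows in the table above: no CVSS score has been assigned yet.
SAMPLE_CVSS: dict[str, Optional[float]] = {
    "CVE-0000-0001": 9.8,   # critical by CVSS, but EPSS says 0.1%
    "CVE-0000-0002": 7.5,   # high by CVSS, EPSS 90%
    "CVE-0000-0003": 5.3,
    "CVE-0000-0004": None,
}


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float          # 0..1 probability of exploitation in 30 days
    percentile: float    # 0..1 rank among all scored CVEs
    cvss: Optional[float]


def parse_epss_response(raw: str) -> dict[str, tuple[float, float]]:
    """Map CVE ID -> (epss, percentile). The API ships numbers as strings,
    so convert them and reject anything outside 0..1."""
    body = json.loads(raw)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {body.get('status')!r}")
    scores = {}
    for row in body["data"]:
        epss, pct = float(row["epss"]), float(row["percentile"])
        if not (0.0 <= epss <= 1.0 and 0.0 <= pct <= 1.0):
            raise ValueError(f"out-of-range score for {row['cve']}")
        scores[row["cve"]] = (epss, pct)
    return scores


def merge(epss_scores, cvss_scores) -> list[Finding]:
    """Join EPSS data onto the scanner's CVE list. A CVE the EPSS feed does not
    know yet (too new, or rejected) gets epss=0.0 rather than being dropped, so
    it still shows up in the queue and is re-scored on the next daily pull."""
    return [Finding(cve, *epss_scores.get(cve, (0.0, 0.0)), cvss)
            for cve, cvss in cvss_scores.items()]


def rank_by_epss(findings):
    # Highest exploitation probability first; CVSS breaks ties, unscored last.
    return sorted(findings, key=lambda f: (-f.epss, -(f.cvss if f.cvss is not None else -1.0)))


def rank_by_cvss(findings):
    # The severity-only ordering the text argues against; unscored last.
    return sorted(findings, key=lambda f: (-(f.cvss if f.cvss is not None else -1.0), -f.epss))


def patch_queue(findings, epss_floor=0.10, cvss_floor=9.0):
    """Three-tier queue: (1) anything EPSS says is likely to be exploited,
    (2) remaining CVSS-critical items, because a low EPSS today is not proof of
    safety, (3) everything else. Each tier is ordered by EPSS."""
    tier1 = [f for f in findings if f.epss >= epss_floor]
    tier2 = [f for f in findings if f.epss < epss_floor and (f.cvss or 0.0) >= cvss_floor]
    tier3 = [f for f in findings if f not in tier1 and f not in tier2]
    return [rank_by_epss(t) for t in (tier1, tier2, tier3)]


def fmt_percentile(p: float) -> str:
    """Render 0.389 the way the table does: '38.9th'."""
    return f"{p * 100:.1f}th"


if __name__ == "__main__":
    findings = merge(parse_epss_response(SAMPLE_EPSS_RESPONSE), SAMPLE_CVSS)
    print("by CVSS:", [f.cve for f in rank_by_cvss(findings)])
    print("by EPSS:", [f.cve for f in rank_by_epss(findings)])
    for n, tier in enumerate(patch_queue(findings), 1):
        for f in tier:
            cvss = "N/A" if f.cvss is None else f"{f.cvss:.1f}"
            print(f"tier {n}: {f.cve} epss={f.epss:.3f} ({fmt_percentile(f.percentile)}) cvss={cvss}")
```

The two floors in `patch_queue` are illustrative thresholds, not values from FIRST; pick them to match your own remediation SLAs. The point of the second tier is the caveat from the text: the CVSS 9.8 item loses its place at the head of the queue, but it is not pushed to the bottom just because EPSS is quiet about it today.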