Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank  CVE ID          EPSS Score  Percentile  CVSS  Summary
601   CVE-2024-39604  0.89%       75th        9.0   This vulnerability allows remote attackers to execute arbitrary commands on Wavlink AC3000 routers b
602   CVE-2025-2232   0.88%       75th        9.8   This vulnerability allows unauthenticated attackers to register administrator accounts on WordPress
603   CVE-2024-46479  0.88%       74.9th      9.9   Venki Supravizio BPM through version 18.0.1 contains an arbitrary file upload vulnerability that all
604   CVE-2025-3484   0.88%       74.9th      9.8   This critical vulnerability in MedDream PACS Server allows remote attackers to execute arbitrary cod
605   CVE-2024-12248  0.88%       74.9th      9.8   The Contec Health CMS8000 Patient Monitor has a critical vulnerability (CVE-2024-12248) that allows
606   CVE-2024-13787  0.88%       74.9th      9.8   This vulnerability in the VEDA WordPress theme allows authenticated attackers with Subscriber-level
607   CVE-2025-1061   0.87%       74.8th      9.8   The Nextend Social Login Pro WordPress plugin has an authentication bypass vulnerability that allows
608   CVE-2024-55507  0.86%       74.7th      9.8   A privilege escalation vulnerability in CodeAstro Complaint Management System v1.0 allows remote att
609   CVE-2024-55532  0.86%       74.7th      9.8   This vulnerability allows CSV formula injection in Apache Ranger's export feature, enabling attacker
610   CVE-2025-26199  0.86%       74.7th      9.8   CloudClassroom-PHP-Project v1.0 transmits login passwords over unencrypted HTTP, allowing network-ba
611   CVE-2025-3115   0.86%       74.6th      9.8   CVE-2025-3115 is a critical vulnerability in Spotfire software that allows attackers to inject malic
612   CVE-2025-45427  0.85%       74.4th      9.8   This CVE describes a stack overflow vulnerability in Tenda AC9 routers that allows remote attackers
613   CVE-2025-61809  0.84%       74.3th      9.1   This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows attack
614   CVE-2025-20634  0.84%       74.3th      9.8   This critical vulnerability in MediaTek modems allows remote code execution when a device connects t
615   CVE-2024-10960  0.84%       74.3th      9.9   The Brizy Page Builder WordPress plugin allows authenticated users with Contributor-level access or
616   CVE-2025-48200  0.82%       74th        10.0  This critical vulnerability in the sr_feuser_register TYPO3 extension allows unauthenticated attacke
617   CVE-2025-1016   0.82%       74th        9.8   This CVE describes memory safety bugs in Mozilla Firefox and Thunderbird that could lead to memory c
618   CVE-2025-42928  0.82%       73.9th      9.1   A high-privileged user can exploit a deserialization vulnerability in SAP jConnect to execute arbitr
619   CVE-2025-25361  0.81%       73.8th      9.8   This vulnerability allows attackers to upload malicious SVG or XML files to PublicCMS v4.0.202406, p
620   CVE-2025-22974  0.81%       73.8th      9.8   This SQL injection vulnerability in SeaCMS allows remote attackers to execute arbitrary SQL commands
621   CVE-2025-8356   0.81%       73.7th      9.8   CVE-2025-8356 is a critical path traversal vulnerability in Xerox FreeFlow Core version 8.0.4 that a
622   CVE-2025-1861   0.8%        73.6th      9.8   This CVE describes a buffer size limitation vulnerability in PHP's HTTP redirect parsing. When PHP p
623   CVE-2025-25675  0.8%        73.5th      9.8   This CVE describes a command injection vulnerability in Tenda AC10 routers that allows remote attack
624   CVE-2022-50919  0.79%       73.5th      9.8   CVE-2022-50919 is an unauthenticated remote code execution vulnerability in Tdarr's Help terminal th
625   CVE-2025-2494   0.79%       73.5th      9.8   CVE-2025-2494 allows unrestricted file upload in Softdial Contact Center via the '/softdial/phpconso
626   CVE-2025-59359  0.79%       73.5th      9.8   CVE-2025-59359 is an OS command injection vulnerability in Chaos Controller Manager's cleanTcs mutat
627   CVE-2025-25101  0.79%       73.4th      9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the MetricThemes Munk Sites WordPress plugin al
628   CVE-2025-5746   0.79%       73.4th      9.8   This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress servers r
629   CVE-2025-34392  0.78%       73.3th      9.8   This vulnerability in Barracuda Service Center allows attackers to upload malicious WSDL files that
630   CVE-2022-31631  0.78%       73.3th      9.1   This vulnerability in PHP's PDO::quote() function for SQLite allows SQL injection when processing ov
631   CVE-2025-30426  0.78%       73.3th      9.8   This vulnerability allows an app to enumerate a user's installed applications without proper authori
632   CVE-2025-25535  0.78%       73.2th      9.8   CVE-2025-25535 is an HTTP response manipulation vulnerability in SCRIPT CASE v1.0.002 Build7 that al
633   CVE-2025-67186  0.78%       73.2th      9.8   This critical buffer overflow vulnerability in TOTOLINK A950RG routers allows remote attackers to ex
634   CVE-2025-44635  0.78%       73.2th      9.8   This critical vulnerability allows unauthenticated attackers to execute arbitrary commands with root
635   CVE-2025-6514   0.78%       73.2th      9.6   CVE-2025-6514 is a critical OS command injection vulnerability in mcp-remote that allows remote code
636   CVE-2025-24230  0.77%       73.1th      9.8   This CVE describes an out-of-bounds read vulnerability in Apple's audio file processing that could a
637   CVE-2025-24211  0.77%       73.1th      9.8   A memory corruption vulnerability in Apple's video processing components allows attackers to cause u
638   CVE-2025-24190  0.77%       73.1th      9.8   This is a critical memory corruption vulnerability in Apple's video processing components across mul
639   CVE-2024-11286  0.77%       73.1th      9.8   The WP JobHunt plugin for WordPress has an authentication bypass vulnerability that allows unauthent
640   CVE-2025-69288  0.77%       73th        9.1   This vulnerability allows any authenticated admin user in Titra time tracking software to execute ar
641   CVE-2024-10763  0.77%       73th        9.8   The Campress WordPress theme contains a Local File Inclusion vulnerability that allows unauthenticat
642   CVE-2025-29411  0.76%       72.9th      9.8   An arbitrary file upload vulnerability in Mart Developers iBanking v2.0.0 allows authenticated attac
643   CVE-2025-0247   0.76%       72.9th      9.8   CVE-2025-0247 is a critical memory safety vulnerability in Firefox and Thunderbird that could allow
644   CVE-2024-13421  0.75%       72.8th      9.8   This vulnerability in the Real Estate 7 WordPress theme allows unauthenticated attackers to register
645   CVE-2025-3495   0.75%       72.7th      9.8   Delta Electronics COMMGR v1 and v2 use predictable session IDs due to insufficient randomization (CW
646   CVE-2025-3277   0.74%       72.6th      9.8   This CVE describes an integer overflow vulnerability in SQLite's concat_ws() function that leads to
647   CVE-2025-7360   0.74%       72.6th      9.1   This vulnerability in the HT Contact Form WordPress plugin allows unauthenticated attackers to move
648   CVE-2016-15048  0.74%       72.5th      9.8   This is an unauthenticated remote command injection vulnerability in AMTT Hotel Broadband Operation
649   CVE-2025-50706  0.74%       72.5th      9.8   This vulnerability in ThinkPHP v5.1 allows remote attackers to execute arbitrary code via the routec
650   CVE-2024-47051  0.74%       72.4th      9.1   This CVE addresses two critical vulnerabilities in Mautic versions before 5.2.3: a Remote Code Execu

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
