Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 601 | CVE-2025-60963 | | 76.9th | 8.2 | | This CVE describes an OS command injection vulnerability in EndRun Technologies Sonoma D12 Network T |
| 602 | CVE-2024-10957 | | 76.8th | 8.8 | | The UpdraftPlus WordPress backup plugin contains a PHP object injection vulnerability in versions 1. |
| 603 | CVE-2025-66645 | | 76.8th | 7.5 | | This directory traversal vulnerability in NiceGUI allows remote attackers to read arbitrary files on |
| 604 | CVE-2025-26639 | | 76.7th | 7.8 | | An integer overflow vulnerability in the Windows USB Print Driver allows authenticated attackers to |
| 605 | CVE-2025-41244 | | 76.7th | 7.8 | KEV | This CVE describes a local privilege escalation vulnerability in VMware Aria Operations and VMware T |
| 606 | CVE-2025-7097 | | 76.6th | 8.1 | | This critical vulnerability in Comodo Internet Security Premium allows remote attackers to execute a |
| 607 | CVE-2025-1282 | | 76.6th | 8.8 | | This vulnerability in the Car Dealer Automotive WordPress theme allows authenticated attackers with |
| 608 | CVE-2025-24074 | | 76.6th | 7.8 | | This vulnerability allows an authorized attacker with local access to a Windows system to elevate pr |
| 609 | CVE-2025-24062 | | 76.6th | 7.8 | | CVE-2025-24062 is a local privilege escalation vulnerability in Windows Desktop Window Manager (DWM) |
| 610 | CVE-2025-24058 | | 76.6th | 7.8 | | This vulnerability allows an authorized attacker with existing access to a Windows system to exploit |
| 611 | CVE-2025-21325 | | 76.6th | 7.8 | | This vulnerability allows an authenticated attacker to execute arbitrary code with kernel privileges |
| 612 | CVE-2025-24888 | | 76.5th | 8.1 | | This vulnerability allows a compromised SecureDrop Server to execute arbitrary code on the SecureDro |
| 613 | CVE-2024-57669 | | 76.5th | 7.5 | | A directory traversal vulnerability in Zrlog backup-sql-file.jar v3.0.31 allows remote attackers to |
| 614 | CVE-2024-12749 | | 76.5th | 7.1 | | This vulnerability in the Competition Form WordPress plugin allows attackers to inject malicious scr |
| 615 | CVE-2025-30471 | | 76.5th | 7.5 | | A validation logic vulnerability in multiple Apple operating systems allows remote attackers to caus |
| 616 | CVE-2024-12638 | | 76.5th | 7.1 | | This vulnerability in the Bulk Me Now! WordPress plugin allows attackers to inject malicious scripts |
| 617 | CVE-2025-48732 | | 76.5th | 7.3 | | An incomplete blacklist in WWBN AVideo's .htaccess sample allows attackers to execute arbitrary code |
| 618 | CVE-2025-25745 | | 76.4th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-853 A1 routers by |
| 619 | CVE-2025-3434 | | 76.4th | 7.2 | | The SMTP for Amazon SES – YaySMTP WordPress plugin has a stored cross-site scripting vulnerability |
| 620 | CVE-2024-13831 | | 76.3th | 7.2 | | The Tabs for WooCommerce WordPress plugin is vulnerable to PHP object injection through deserializat |
| 621 | CVE-2024-9664 | | 76.3th | 7.2 | | The WP All Import Pro plugin for WordPress is vulnerable to PHP object injection through deserializa |
| 622 | CVE-2024-13833 | | 76.3th | 7.2 | | This vulnerability in the Album Gallery WordPress plugin allows authenticated attackers with Editor- |
| 623 | CVE-2025-20115 | | 76.2th | 8.6 | | A memory corruption vulnerability in Cisco IOS XR's BGP confederation implementation allows unauthen |
| 624 | CVE-2025-24985 | | 76.2th | 7.8 | KEV | An integer overflow vulnerability in the Windows Fast FAT driver allows local attackers to execute a |
| 625 | CVE-2026-25892 | | 76.2th | 7.5 | | Adminer v5.4.1 and earlier has a version check endpoint that lacks origin validation, allowing attac |
| 626 | CVE-2025-43565 | | 76.1th | 8.4 | | This CVE describes an incorrect authorization vulnerability in Adobe ColdFusion that allows high-pri |
| 627 | CVE-2025-26856 | | 76th | 7.2 | | This CVE describes an OS command injection vulnerability in UD-LT2 firmware that allows authenticate |
| 628 | CVE-2024-13882 | | 76th | 8.8 | | The Aiomatic WordPress plugin allows authenticated attackers with Contributor-level access or higher |
| 629 | CVE-2025-2932 | | 76th | 8.8 | | The JKDEVKIT WordPress plugin allows authenticated attackers with Subscriber-level access (or Contri |
| 630 | CVE-2025-5014 | | 76th | 8.8 | | This vulnerability allows authenticated attackers with Subscriber-level access or higher to delete a |
| 631 | CVE-2025-58163 | | 76th | 8.8 | | CVE-2025-58163 is a remote code execution vulnerability in FreeScout help desk software where authen |
| 632 | CVE-2024-13889 | | 76th | 7.2 | | The WordPress Importer plugin is vulnerable to PHP object injection via deserialization of untrusted |
| 633 | CVE-2025-27423 | | 76th | 7.1 | | This vulnerability in Vim's tar.vim plugin allows arbitrary shell command execution when opening spe |
| 634 | CVE-2025-21622 | | 75.9th | 7.5 | | This CVE describes a path traversal vulnerability in ClipBucket V5's avatar upload feature. Attacker |
| 635 | CVE-2024-39750 | | 75.9th | 8.8 | | IBM Analytics Content Hub 2.0 contains a buffer overflow vulnerability (CWE-120) that allows authent |
| 636 | CVE-2025-32871 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 637 | CVE-2025-32867 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 638 | CVE-2025-32865 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 639 | CVE-2025-32863 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 640 | CVE-2025-32861 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 641 | CVE-2025-32859 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 642 | CVE-2025-32857 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 643 | CVE-2025-32855 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 644 | CVE-2025-32853 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 645 | CVE-2025-32851 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 646 | CVE-2025-32849 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 647 | CVE-2025-32847 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 648 | CVE-2025-32845 | | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 649 | CVE-2025-32843 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 650 | CVE-2025-32841 | | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. The percentile column ranks that probability against every other CVE the model scores: a CVE at the 76th percentile has a higher EPSS score than 76% of all scored CVEs. Unlike CVSS, which measures how severe a vulnerability is if it is exploited, EPSS measures how likely it is to be exploited, which makes it a useful input for deciding what to patch first.
Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with an EPSS of 0.1% may be less urgent than a high CVSS 7.5 with an EPSS of 90%. EPSS is a prediction, not a confirmation: a CVE listed in CISA's Known Exploited Vulnerabilities catalog (flagged KEV in the table above) has already been observed under exploitation, whatever its EPSS score, and belongs at the top of the queue regardless.
Prioritize by Exploit Risk
Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
Start Monitoring Free