Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater likelihood of exploitation in the wild within the next 30 days; the Percentile column places each score relative to every other scored CVE (a 16th percentile score is higher than about 16% of all scored CVEs). In this copy of the table the EPSS Score and Flags cells are empty and each summary is truncated.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6451 | CVE-2021-4472 | | 16th | 6.5 | | The mistral-dashboard plugin for OpenStack contains a local file inclusion vulnerability in the 'Cre |
| 6452 | CVE-2026-24328 | | 16th | 6.1 | | CVE-2026-24328 is an open redirect vulnerability in SAP TAF_APPLAUNCHER within Business Server Pages |
| 6453 | CVE-2026-24323 | | 16th | 6.1 | | This CVE describes a reflected cross-site scripting (XSS) vulnerability in BSP applications where un |
| 6454 | CVE-2025-13082 | | 15.9th | 4.3 | | This CVE describes a UI misrepresentation vulnerability in Drupal core that allows content spoofing. |
| 6455 | CVE-2025-60876 | | 16.2th | 6.5 | | BusyBox wget versions through 1.37.0 improperly accept raw CR/LF and C0 control characters in HTTP re |
| 6456 | CVE-2025-64177 | | 16.2th | 5.4 | | ThinkDashboard versions 0.6.7 and below contain a stored XSS vulnerability where malicious bookmarks |
| 6457 | CVE-2025-12615 | | 16.1th | 5.0 | | PHPGurukul News Portal 1.0 contains a hard-coded cryptographic key in its settings.py file, allowing |
| 6458 | CVE-2025-15360 | | 16th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to newbee-mall-plus 2.0.0 throu |
| 6459 | CVE-2025-15262 | | 16th | 4.7 | | BiggiDroid Simple PHP CMS 1.0 has an unrestricted file upload vulnerability in the Site Logo Handler |
| 6460 | CVE-2025-15222 | | 16th | 5.0 | | This vulnerability in Dromara Sa-Token allows remote attackers to execute arbitrary code through ins |
| 6461 | CVE-2025-15197 | | 16th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the Content Management Syste |
| 6462 | CVE-2025-15110 | | 16th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the jackq XCMS backend throu |
| 6463 | CVE-2025-14633 | | 16.2th | 5.3 | | The F70 Lead Document Download WordPress plugin allows unauthenticated attackers to download any fil |
| 6464 | CVE-2025-43536 | | 15.9th | 4.3 | | A use-after-free vulnerability in Apple's web content processing allows attackers to cause unexpecte |
| 6465 | CVE-2025-14642 | | 16th | 4.7 | | CVE-2025-14642 is an unrestricted file upload vulnerability in Computer Laboratory System 1.0 that a |
| 6466 | CVE-2025-14641 | | 16th | 4.7 | | CVE-2025-14641 is an unrestricted file upload vulnerability in Computer Laboratory System 1.0's admi |
| 6467 | CVE-2025-14606 | | 16th | 5.0 | | This vulnerability allows remote attackers to execute arbitrary code through insecure deserializatio |
| 6468 | CVE-2025-14293 | | 16th | 6.5 | | The WP Job Portal WordPress plugin contains an arbitrary file read vulnerability in all versions up |
| 6469 | CVE-2025-61822 | | 15.9th | 6.2 | | This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows attack |
| 6470 | CVE-2025-66563 | | 16.2th | 6.1 | | This is a cross-site scripting (XSS) vulnerability in Monkeytype typing test software versions 25.49 |
| 6471 | CVE-2025-63523 | | 16th | 6.5 | | FeehiCMS version 2.1.1 has a server-side validation flaw where parameters marked as read-only on the |
| 6472 | CVE-2026-1469 | | 16.2th | 5.4 | | Stored XSS vulnerability in RLE NOVA's PlanManager allows attackers to inject malicious JavaScript t |
| 6473 | CVE-2026-0749 | | 16.2th | 6.1 | | This CVE describes a cross-site scripting (XSS) vulnerability in Drupal's Form Builder module that a |
| 6474 | CVE-2025-11044 | | 16.2th | 6.8 | | An unauthenticated attacker on the network can exploit a race condition in the ANSL-Server component |
| 6475 | CVE-2026-22876 | | 16.1th | 6.5 | | A path traversal vulnerability in TOA Corporation TRIFORA 3 series network cameras allows authentica |
| 6476 | CVE-2026-20959 | | 16.1th | 4.6 | | This cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint allows authenticated at |
| 6477 | CVE-2026-0886 | | 16.1th | 5.3 | | A memory corruption vulnerability in Firefox and Thunderbird's graphics component due to incorrect b |
| 6478 | CVE-2025-14867 | | 16th | 6.5 | | The Flashcard WordPress plugin contains a path traversal vulnerability that allows authenticated att |
| 6479 | CVE-2024-4147 | | 16.1th | 6.5 | | This vulnerability allows authenticated users in lunary-ai/lunary to delete prompts belonging to oth |
| 6480 | CVE-2026-1741 | | 16th | 6.6 | | This CVE describes a backdoor vulnerability in the EFM ipTIME A8004T router's debug interface. Attac |
| 6481 | CVE-2024-6155 | | 15.7th | 6.4 | | This vulnerability in the Greenshift WordPress plugin allows authenticated users with Subscriber-lev |
| 6482 | CVE-2024-56448 | | 15.6th | 6.7 | | This vulnerability allows improper access control in the home screen widget module, potentially enab |
| 6483 | CVE-2024-7696 | | 15.6th | 6.3 | | This vulnerability allows authenticated attackers to tamper with audit logs or perform denial-of-ser |
| 6484 | CVE-2025-21816 | | 15.8th | 5.5 | | A Linux kernel vulnerability in the hrtimers subsystem allows timers to be queued on offline CPUs du |
| 6485 | CVE-2025-21725 | | 15.8th | 5.5 | | A Linux kernel vulnerability in the SMB client where unset link speed values cause a divide-by-zero |
| 6486 | CVE-2025-21707 | | 15.8th | 5.5 | | This CVE describes an uninitialized variable vulnerability in the Linux kernel's MPTCP (Multipath TC |
| 6487 | CVE-2024-57993 | | 15.8th | 5.5 | | This CVE describes a type mismatch vulnerability in the Linux kernel's hid-thrustmaster driver that |
| 6488 | CVE-2025-26791 | | 15.6th | 4.5 | | DOMPurify versions before 3.2.4 contain a regular expression flaw in template literal handling that |
| 6489 | CVE-2024-30155 | | 15.6th | 5.5 | | HCL SX fails to set the secure attribute on authorization tokens and session cookies, allowing attac |
| 6490 | CVE-2025-30109 | | 15.7th | 6.5 | | The IROAD dashcam mobile application contains hardcoded credentials that allow attackers on the same |
| 6491 | CVE-2025-21864 | | 15.8th | 5.5 | | A Linux kernel vulnerability where TCP connections in specific network namespace configurations can |
| 6492 | CVE-2024-12604 | | 15.6th | 6.5 | | This vulnerability in Tap&Sign App allows attackers to exploit weak password recovery mechanisms and |
| 6493 | CVE-2025-21838 | | 15.8th | 5.5 | | This CVE describes a race condition in the Linux kernel's USB gadget subsystem where work scheduled |
| 6494 | CVE-2024-58061 | | 15.8th | 5.5 | | This Linux kernel vulnerability in the mac80211 WiFi subsystem could allow a local attacker with deb |
| 6495 | CVE-2025-20924 | | 15.7th | 4.6 | | A physical access control vulnerability in Samsung Notes allows attackers with physical device acces |
| 6496 | CVE-2025-1463 | | 15.6th | 4.3 | | The Spreadsheet Integration plugin for WordPress has a Cross-Site Request Forgery vulnerability that |
| 6497 | CVE-2025-3599 | | 15.9th | 6.5 | | This CVE describes an Elevation of Privilege vulnerability in Symantec Endpoint Protection Windows A |
| 6498 | CVE-2025-46482 | | 15.6th | 6.5 | | This stored XSS vulnerability in the WP Quiz WordPress plugin allows attackers to inject malicious s |
| 6499 | CVE-2025-46538 | | 15.6th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Inline Text Popup WordPress plugin al |
| 6500 | CVE-2025-46534 | | 15.6th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Image Style Hover WordPress plugin al |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by the EPSS Special Interest Group at FIRST.org. For each published CVE it estimates the probability that the vulnerability will be exploited in the wild within the next 30 days, and alongside that probability it publishes a percentile that ranks the CVE against every other scored CVE. Scores are recomputed daily as new vulnerability and exploitation data arrive. CVSS measures the technical severity of a flaw; EPSS measures how likely it is to be attacked. The two answer different questions, which is why EPSS is the better input for deciding which vulnerabilities to patch first.
Why EPSS matters: Thousands of CVEs are published every month and only a small fraction are ever exploited. EPSS lets a security team concentrate on the CVEs most likely to see active exploitation instead of working down the CVSS scale from the top. A CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a CVSS 7.5 vulnerability with a 90% EPSS score. EPSS is a probability, not a verdict: a low score does not make a vulnerability safe to ignore, particularly when it is exposed in your environment or you already have evidence of exploitation, so most teams pair an EPSS threshold with a CVSS floor rather than relying on either number alone.
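The prioritization rule described above, as an added example that is not code from this page or from FIRST. It parses a payload in the shape returned by the FIRST EPSS API (https://api.first.org/data/v1/epss, where `epss` and `percentile` arrive as decimal strings), ranks the records by EPSS, renders the percentile in the same "16.2th" style as the table, and assigns a tier from an EPSS threshold combined with a CVSS floor. The API payload, CVE IDs, CVSS values and the tier thresholds are all constructed for the example; the tier rule is an assumption, not FIRST guidance.

```python
"""Rank CVEs by EPSS and combine EPSS with CVSS for patch prioritization.

Added example. SAMPLE_EPSS_RESPONSE is constructed in the shape of the FIRST
EPSS API response (https://api.first.org/data/v1/epss); the CVE IDs, EPSS
values, percentiles and CVSS scores below are invented for illustration.
"""
import json
from dataclasses import dataclass

# Constructed sample payload (not real data). The real API returns
# "epss" and "percentile" as decimal strings, so they must be converted.
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2099-0001", "epss": "0.001000000", "percentile": "0.420000000", "date": "2026-01-01"},
        {"cve": "CVE-2099-0002", "epss": "0.900000000", "percentile": "0.998000000", "date": "2026-01-01"},
        {"cve": "CVE-2099-0003", "epss": "0.030000000", "percentile": "0.930000000", "date": "2026-01-01"},
        {"cve": "CVE-2099-0004", "epss": "0.000300000", "percentile": "0.100000000", "date": "2026-01-01"},
    ],
})

# Constructed CVSS base scores for the same hypothetical IDs.
CVSS_BASE_SCORES = {
    "CVE-2099-0001": 9.8,  # critical severity, but almost never exploited
    "CVE-2099-0002": 7.5,  # high severity, very likely to be exploited
    "CVE-2099-0003": 8.8,
    "CVE-2099-0004": 9.1,
}


@dataclass(frozen=True)
class CveRecord:
    cve: str
    epss: float        # probability of exploitation in the next 30 days, 0..1
    percentile: float  # share of all scored CVEs with an EPSS at or below this one, 0..1
    cvss: float        # CVSS base score, 0..10 (0.0 when unknown)


def parse_epss_response(text, cvss_lookup):
    """Parse an EPSS API JSON payload and join it with CVSS scores by CVE ID."""
    payload = json.loads(text)
    if payload.get("status") != "OK":
        raise ValueError(f"EPSS API returned an error payload: {payload}")
    return [
        CveRecord(
            cve=row["cve"],
            epss=float(row["epss"]),
            percentile=float(row["percentile"]),
            cvss=float(cvss_lookup.get(row["cve"], 0.0)),
        )
        for row in payload["data"]
    ]


def rank_by_epss(records):
    """Most likely to be exploited first; CVSS only breaks ties."""
    return sorted(records, key=lambda r: (r.epss, r.cvss), reverse=True)


def rank_by_cvss(records):
    """The severity-only ordering the page argues against, for comparison."""
    return sorted(records, key=lambda r: (r.cvss, r.epss), reverse=True)


def priority_tier(record, p1_epss=0.10, p2_epss=0.01, p2_cvss=7.0):
    """Assumed tier rule for this example (not FIRST guidance):
    P1: EPSS at or above 10%, patch now regardless of CVSS.
    P2: EPSS at or above 1% and CVSS at or above 7.0.
    P3: everything else, scheduled with normal patch cycles."""
    if record.epss >= p1_epss:
        return "P1"
    if record.epss >= p2_epss and record.cvss >= p2_cvss:
        return "P2"
    return "P3"


def format_percentile(percentile):
    """0.998 -> '99.8th', 0.42 -> '42th', matching the table's percentile style."""
    text = f"{round(percentile * 100, 1):.1f}".rstrip("0").rstrip(".")
    return f"{text}th"


def format_epss(epss):
    """0.9 -> '90.00%'."""
    return f"{epss * 100:.2f}%"


def render_rows(records):
    """Rows in the order the table uses: rank, CVE, EPSS, percentile, CVSS, tier."""
    return [
        (rank, r.cve, format_epss(r.epss), format_percentile(r.percentile), r.cvss, priority_tier(r))
        for rank, r in enumerate(rank_by_epss(records), start=1)
    ]


if __name__ == "__main__":
    recs = parse_epss_response(SAMPLE_EPSS_RESPONSE, CVSS_BASE_SCORES)
    print("| Rank | CVE ID | EPSS Score | Percentile | CVSS | Tier |")
    for row in render_rows(recs):
        print("| " + " | ".join(str(cell) for cell in row) + " |")
    print("CVSS-only order:", [r.cve for r in rank_by_cvss(recs)])
```

Running the block prints the EPSS ordering (CVE-2099-0002 first, with CVSS 7.5) and then the CVSS-only ordering, which would have put the CVSS 9.8 record with a 0.1% EPSS at the top; the tier column shows the threshold-plus-floor rule keeping that critical-but-unlikely record at P3.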