Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6651 | CVE-2023-46080 | | 37.8th | 4.3 | | This CVE describes a Missing Authorization vulnerability in the WordPress ApplyOnline plugin that al |
| 6652 | CVE-2025-1186 | | 37.9th | 6.3 | | This critical vulnerability in XunRuiCMS allows remote attackers to execute arbitrary code through d |
| 6653 | CVE-2025-22992 | | 37.8th | 9.8 | | A critical SQL injection vulnerability in Emoncms allows attackers to execute arbitrary SQL commands |
| 6654 | CVE-2024-57098 | | 37.8th | 9.8 | | Moss v0.1.3 contains an SQL injection vulnerability in the order parameter that allows attackers to |
| 6655 | CVE-2025-31697 | | 37.9th | 6.1 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by Drupal F |
| 6656 | CVE-2025-31695 | | 37.9th | 6.1 | | This vulnerability allows attackers to inject malicious scripts into Drupal websites using the Link |
| 6657 | CVE-2025-31687 | | 37.9th | 6.1 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by Drupal s |
| 6658 | CVE-2025-30006 | | 37.9th | 6.1 | | Xorcom CompletePBX administrative control panel contains a reflected cross-site scripting vulnerabil |
| 6659 | CVE-2024-55093 | | 37.9th | 5.4 | | phpIPAM through version 1.7.3 contains a reflected Cross-Site Scripting (XSS) vulnerability in its i |
| 6660 | CVE-2025-3026 | | 37.9th | 6.1 | | This vulnerability in EJBCA Enterprise 8.0 allows attackers to manipulate HTTP Host headers to redir |
| 6661 | CVE-2024-58130 | | 37.9th | 7.2 | | This vulnerability in MISP (Malware Information Sharing Platform) allows cross-site scripting (XSS) |
| 6662 | CVE-2025-2864 | | 37.9th | 6.1 | | CVE-2025-2864 is a reflected cross-site scripting (XSS) vulnerability in SaTECH BCU firmware version |
| 6663 | CVE-2025-2861 | | 37.9th | 7.5 | | SaTECH BCU firmware version 2.1.3 transmits sensitive data including credentials over unencrypted HT |
| 6664 | CVE-2025-27633 | | 37.9th | 6.1 | | TRMTracker web application contains a reflected cross-site scripting (XSS) vulnerability that allows |
| 6665 | CVE-2025-2760 | | 37.9th | 7.8 | | This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening |
| 6666 | CVE-2024-13598 | | 37.9th | 6.1 | | This CVE describes a reflected cross-site scripting (XSS) vulnerability in the Internet Starter modu |
| 6667 | CVE-2024-10090 | | 37.9th | 6.1 | | CVE-2024-10090 is a reflected cross-site scripting (XSS) vulnerability in SoftCOM iKSORIS Internet S |
| 6668 | CVE-2024-10088 | | 37.9th | 6.1 | | This CVE describes a reflected cross-site scripting (XSS) vulnerability in Internet Starter, a modul |
| 6669 | CVE-2025-32598 | | 37.9th | 7.1 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by WP Table |
| 6670 | CVE-2025-29476 | | 37.8th | 5.5 | | A buffer overflow vulnerability exists in the compress_chunk_fuzzer component of c-blosc2, a high-pe |
| 6671 | CVE-2025-3191 | | 37.9th | 6.1 | | All versions of react-draft-wysiwyg are vulnerable to stored XSS via the Embedded button feature. At |
| 6672 | CVE-2024-54952 | | 37.9th | 7.5 | | MikroTik RouterOS 6.40.5 contains a memory corruption vulnerability in its SMB service. Remote, unau |
| 6673 | CVE-2025-45789 | | 37.8th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3100R routers via |
| 6674 | CVE-2025-45787 | | 37.8th | 9.8 | | CVE-2025-45787 is a critical buffer overflow vulnerability in TOTOLINK A3100R routers that allows re |
| 6675 | CVE-2025-6302 | | 37.8th | 8.8 | | A critical stack-based buffer overflow vulnerability in TOTOLINK EX1200T routers allows remote attac |
| 6676 | CVE-2025-50155 | | 37.8th | 7.8 | | This vulnerability is a type confusion flaw in Windows Push Notifications that allows an authenticat |
| 6677 | CVE-2026-2248 | | 37.8th | 9.8 | | METIS WIC devices with firmware versions up to oscore 2.1.234-r18 expose an unauthenticated web-base |
| 6678 | CVE-2025-61787 | | 37.9th | 8.1 | | This CVE describes a command injection vulnerability in Deno on Windows systems. When Deno executes |
| 6679 | CVE-2024-39148 | | 37.9th | 8.1 | | CVE-2024-39148 allows unauthenticated remote attackers to execute arbitrary operating system command |
| 6680 | CVE-2024-32256 | | 37.8th | 8.1 | | Phpgurukul Tourism Management System v2.0 contains an unrestricted file upload vulnerability in the |
| 6681 | CVE-2024-47520 | | 37.8th | 7.6 | | This vulnerability allows users with advanced report application access rights to perform unauthoriz |
| 6682 | CVE-2024-56033 | | 37.8th | 7.1 | | This reflected cross-site scripting (XSS) vulnerability in the Think201 FAQs WordPress plugin allows |
| 6683 | CVE-2024-53573 | | 37.8th | 9.8 | | Unifiedtransform v2.X has an improper access control vulnerability where unauthorized users can acce |
| 6684 | CVE-2025-25068 | | 37.7th | 7.5 | | Mattermost fails to enforce multi-factor authentication (MFA) on plugin endpoints, allowing authenti |
| 6685 | CVE-2025-2162 | | 37.7th | 4.8 | | The MapPress Maps for WordPress plugin before version 2.94.10 contains a stored cross-site scripting |
| 6686 | CVE-2025-32388 | | 37.7th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in SvelteKit where unsanitized search |
| 6687 | CVE-2025-30729 | | 37.7th | 5.5 | | This vulnerability in Oracle Communications Order and Service Management allows authenticated attack |
| 6688 | CVE-2024-13610 | | 37.7th | 4.8 | | This vulnerability in the Simple Social Media Share Buttons WordPress plugin allows administrators t |
| 6689 | CVE-2025-32206 | | 37.7th | 9.1 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to servers runn |
| 6690 | CVE-2024-6914 | | 37.7th | 9.8 | | This vulnerability allows attackers to reset any user's password via a flawed SOAP admin service in |
| 6691 | CVE-2025-36535 | | 37.7th | 10.0 | | This critical vulnerability in an embedded web server allows unauthenticated remote attackers to acc |
| 6692 | CVE-2025-30386 | | 37.7th | 8.4 | | A use-after-free vulnerability in Microsoft Office allows attackers to execute arbitrary code on aff |
| 6693 | CVE-2025-30448 | | 37.7th | 9.1 | | This vulnerability allows an attacker to enable iCloud folder sharing without proper authentication. |
| 6694 | CVE-2025-12468 | | 37.6th | 5.3 | | This vulnerability allows unauthenticated attackers to access all WooCommerce coupon codes, IDs, and |
| 6695 | CVE-2023-53934 | | 37.7th | 7.5 | | This CVE describes a denial-of-service vulnerability in Kentico Xperience's GetResource handler wher |
| 6696 | CVE-2024-36599 | | 37.8th | 6.1 | | A stored cross-site scripting (XSS) vulnerability in Aegon Life v1.0 Life Insurance Management Syste |
| 6697 | CVE-2025-23781 | | 37.6th | 7.5 | | This vulnerability in the WM Options Import Export WordPress plugin allows attackers to retrieve emb |
| 6698 | CVE-2025-23774 | | 37.6th | 7.5 | | This vulnerability in the WPDB to Sql WordPress plugin allows attackers to retrieve sensitive embedd |
| 6699 | CVE-2024-24445 | | 37.6th | 6.5 | | OpenAirInterface CN5G AMF versions up to 2.0.0 contain a null pointer dereference vulnerability when |
| 6700 | CVE-2024-48125 | | 37.6th | 7.5 | | This vulnerability in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumer |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: Thousands of CVEs are published every month, and not all of them are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.