Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary (truncated on the page)
6751 | CVE-2023-53943 | 0.05% | 15.4th | 5.3 | CVE-2023-53943 is a username enumeration vulnerability in GLPI's password recovery mechanism that al...
6752 | CVE-2025-58007 | 0.05% | 15.3th | 4.3 | This vulnerability in the Social Pug WordPress plugin allows unauthorized users to retrieve embedded...
6753 | CVE-2025-14088 | 0.05% | 15.5th | 6.3 | This vulnerability in ketr JEPaaS allows attackers to bypass authorization controls via manipulation...
6754 | CVE-2025-53032 | 0.05% | 15.4th | 4.9 | This vulnerability in Oracle MySQL Server's optimizer component allows authenticated high-privileged...
6755 | CVE-2025-13115 | 0.05% | 15.3th | 4.3 | This vulnerability allows unauthorized access to order details in macrozheng mall-swarm and mall app...
6756 | CVE-2025-14089 | 0.05% | 15.5th | 6.3 | CVE-2025-14089 is an improper authorization vulnerability in Himool ERP that allows remote attackers...
6757 | CVE-2025-32984 | 0.05% | 15.4th | 6.1 | This stored XSS vulnerability in NETSCOUT nGeniusONE allows attackers to inject malicious scripts vi...
6758 | CVE-2025-10844 | 0.05% | 15.3th | 6.3 | This SQL injection vulnerability in Portabilis i-Educar allows attackers to execute arbitrary SQL co...
6759 | CVE-2025-10845 | 0.05% | 15.3th | 6.3 | This SQL injection vulnerability in Portabilis i-Educar allows attackers to execute arbitrary SQL co...
6760 | CVE-2025-10846 | 0.05% | 15.3th | 6.3 | This SQL injection vulnerability in Portabilis i-Educar allows attackers to manipulate database quer...
6761 | CVE-2025-3449 | 0.05% | 15.4th | 4.2 | A predictable session identifier generation vulnerability in B&R Automation Runtime's SDM component...
6762 | CVE-2024-53839 | 0.05% | 15.4th | 5.5 | This vulnerability allows an attacker to read memory beyond intended boundaries in the GetCellInfoLi...
6763 | CVE-2025-9847 | 0.05% | 15.4th | 6.3 | CVE-2025-9847 is an unrestricted file upload vulnerability in ScriptAndTools Real Estate Management...
6764 | CVE-2025-62264 | 0.05% | 15.3th | 6.1 | This reflected cross-site scripting (XSS) vulnerability in Liferay Portal and DXP allows remote atta...
6765 | CVE-2025-64339 | 0.05% | 15.3th | 5.4 | ClipBucket v5 has a stored XSS vulnerability in the Manage Playlists feature where authenticated low...
6766 | CVE-2021-47841 | 0.05% | 15.3th | 6.1 | SnipCommand 0.1.0 contains a persistent cross-site scripting (XSS) vulnerability that allows attacke...
6767 | CVE-2021-47844 | 0.05% | 15.3th | 6.1 | Xmind 2020 contains a persistent cross-site scripting (XSS) vulnerability that allows attackers to e...
6768 | CVE-2025-37140 | 0.05% | 15.4th | 4.9 | This vulnerability allows authenticated attackers to download arbitrary files from AOS-10 GW and AOS...
6769 | CVE-2025-37141 | 0.05% | 15.4th | 4.9 | This vulnerability allows authenticated attackers to download arbitrary files from AOS-10 GW and AOS...
6770 | CVE-2025-37142 | 0.05% | 15.4th | 4.9 | This vulnerability allows authenticated attackers to download arbitrary files from AOS-10 GW and AOS...
6771 | CVE-2025-37143 | 0.05% | 15.4th | 4.9 | An authenticated attacker can download arbitrary files from AOS-10 GW and AOS-8 Controller/Mobility...
6772 | CVE-2025-58226 | 0.05% | 15.4th | 5.3 | This vulnerability in the 3D FlipBook WordPress plugin allows attackers to retrieve embedded sensiti...
6773 | CVE-2022-49758 | 0.05% | 15.1th | 5.5 | This vulnerability is a null pointer dereference in the Linux kernel's uniphier-glue reset driver. I...
6774 | CVE-2025-68384 | 0.05% | 15th | 6.5 | This vulnerability allows authenticated Elasticsearch users with low privileges to submit oversized...
6775 | CVE-2025-20304 | 0.05% | 15.1th | 5.4 | This vulnerability allows authenticated attackers with low privileges to conduct reflected cross-sit...
6776 | CVE-2025-21621 | 0.05% | 15th | 6.1 | GeoServer versions before 2.25.0 contain a reflected cross-site scripting vulnerability in the WMS G...
6777 | CVE-2025-15375 | 0.05% | 15.2th | 6.3 | CVE-2025-15375 is a remote code execution vulnerability in EyouCMS versions up to 1.7.7, caused by i...
6778 | CVE-2025-64752 | 0.05% | 15.2th | 6.8 | This vulnerability in grist-core allows authenticated users to perform server-side request forgery (...
6779 | CVE-2025-4666 | 0.05% | 14.9th | 6.4 | The Zotpress WordPress plugin has a stored XSS vulnerability in the 'nickname' parameter that allows...
6780 | CVE-2025-62266 | 0.05% | 15.2th | 6.1 | This CVE describes a DNS rebinding vulnerability in Liferay Portal and DXP that allows attackers to...
6781 | CVE-2023-52978 | 0.05% | 15.1th | 5.5 | A kernel panic vulnerability in the Linux kernel's RISC-V architecture when kprobes are placed at il...
6782 | CVE-2025-62413 | 0.05% | 14.9th | 6.1 | MQTTX versions 1.12.0 contain a Cross-Site Scripting (XSS) vulnerability where malicious MQTT messag...
6783 | CVE-2025-3977 | 0.05% | 14.9th | 4.3 | CVE-2025-3977 is an improper authorization vulnerability in iteachyou Dreamer CMS that allows attack...
6784 | CVE-2025-62265 | 0.05% | 15.1th | 5.4 | This CVE describes a cross-site scripting (XSS) vulnerability in Liferay Portal and DXP's Blogs widg...
6785 | CVE-2026-0717 | 0.05% | 15.1th | 5.3 | The LottieFiles WordPress plugin exposes sensitive account credentials through an unauthenticated RE...
6786 | CVE-2025-20347 | 0.05% | 15th | 5.4 | This vulnerability allows authenticated low-privileged attackers to bypass authorization controls on...
6787 | CVE-2025-6108 | 0.05% | 15.1th | 6.3 | This critical vulnerability in Spring-Boot-In-Action allows attackers to perform path traversal atta...
6788 | CVE-2025-12291 | 0.05% | 15.2th | 4.7 | This vulnerability allows attackers to upload arbitrary files without restrictions on the Add Produc...
6789 | CVE-2025-64493 | 0.05% | 15.2th | 6.5 | SuiteCRM versions 8.6.0 through 8.9.0 contain an authenticated blind SQL injection vulnerability in...
6790 | CVE-2024-56440 | 0.05% | 15.1th | 6.2 | A permission control vulnerability in Huawei's Connectivity module allows unauthorized access to res...
6791 | CVE-2025-63938 | 0.05% | 14.9th | 6.5 | CVE-2025-63938 is an integer overflow vulnerability in Tinyproxy's strip_return_port() function that...
6792 | CVE-2025-10232 | 0.05% | 15.1th | 5.4 | This CVE describes a path traversal vulnerability in 299ko CMS versions up to 2.0.0. Attackers can r...
6793 | CVE-2025-36352 | 0.05% | 15th | 6.4 | IBM License Metric Tool versions 9.2.0 through 9.2.40 contain a stored cross-site scripting vulnerab...
6794 | CVE-2024-13950 | 0.05% | 15th | 6.8 | This CVE describes a cross-site scripting (XSS) vulnerability in ABB's ASPECT, NEXUS, and MATRIX ser...
6795 | CVE-2025-13575 | 0.05% | 15.2th | 6.3 | This SQL injection vulnerability in code-projects Blog Site 1.0 allows attackers to manipulate datab...
6796 | CVE-2025-3212 | 0.05% | 15.2th | 5.3 | A Use After Free vulnerability in Arm GPU kernel drivers allows local non-privileged users to access...
6797 | CVE-2025-43375 | 0.05% | 15.1th | 5.5 | This vulnerability in Xcode allows an attacker to cause a denial-of-service by providing an overly l...
6798 | CVE-2025-13157 | 0.05% | 15.1th | 5.3 | The QODE Wishlist for WooCommerce WordPress plugin has an Insecure Direct Object Reference vulnerabi...
6799 | CVE-2025-13198 | 0.05% | 15.2th | 4.7 | This vulnerability allows attackers to upload arbitrary files to DouPHP systems without proper restr...
6800 | CVE-2025-12899 | 0.05% | 15th | 6.5 | A vulnerability in Zephyr's network stack allows specially crafted IPv4 packets with ICMP type 128 t...

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
