Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 6901 | CVE-2025-26661 | | 37.2th | 8.8 | | CVE-2025-26661 is a missing authorization vulnerability in SAP NetWeaver ABAP Class Builder that all |
| 6902 | CVE-2025-23394 | | 37.1th | 9.8 | | A UNIX symbolic link following vulnerability in cyrus-imapd on openSUSE Tumbleweed allows local atta |
| 6903 | CVE-2025-26735 | | 37.2th | 7.5 | | This CVE describes a PHP remote file inclusion vulnerability in the Grip WordPress theme. Attackers |
| 6904 | CVE-2025-10157 | | 37.1th | 7.8 | | This vulnerability allows attackers to bypass picklescan's unsafe globals check by using submodule i |
| 6905 | CVE-2025-11301 | | 37.1th | 8.8 | | A remote buffer overflow vulnerability exists in Belkin F9K1015 routers via the /goform/formWlanSetu |
| 6906 | CVE-2025-11297 | | 37.1th | 8.8 | | A buffer overflow vulnerability in Belkin F9K1015 routers allows remote attackers to execute arbitra |
| 6907 | CVE-2025-63224 | | 37.2th | 10.0 | | This vulnerability allows attackers to bypass authentication on Itel DAB Encoder devices by reusing |
| 6908 | CVE-2025-63210 | | 37.2th | 9.8 | | This vulnerability allows attackers to bypass authentication on Newtec Celox UHD satellite modems by |
| 6909 | CVE-2025-63217 | | 37.2th | 9.8 | | This vulnerability allows attackers to bypass authentication on Itel DAB MUX devices by reusing a va |
| 6910 | CVE-2025-12974 | | 37.2th | 8.1 | | The Gravity Forms WordPress plugin allows unauthenticated attackers to upload .phar files through it |
| 6911 | CVE-2022-50594 | | 37.2th | 7.5 | | This vulnerability allows remote attackers to bypass authentication and execute SQL injection attack |
| 6912 | CVE-2026-2210 | | 37.2th | 7.2 | | This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers ca |
| 6913 | CVE-2024-24844 | | 37.2th | 7.5 | | CVE-2024-24844 is a missing authorization vulnerability in PowerPack Pro for Elementor WordPress plu |
| 6914 | CVE-2025-13428 | | 37.2th | 7.2 | | This vulnerability allows authenticated users with IDE role permissions in SecOps SOAR servers to ac |
| 6915 | CVE-2024-55408 | | 37th | 5.3 | | An improper access control vulnerability in the AsusSAIO.sys driver allows attackers to send crafted |
| 6916 | CVE-2024-55627 | | 37.1th | 5.9 | | This vulnerability in Suricata allows an attacker to trigger a large buffer overflow via specially c |
| 6917 | CVE-2024-57668 | | 37.1th | 8.8 | | Code-projects Shopping Portal v1.0 has an arbitrary file upload vulnerability in insert-product.php |
| 6918 | CVE-2024-38404 | | 37th | 7.5 | | This vulnerability in Qualcomm modems allows a transient denial-of-service (DoS) condition when the |
| 6919 | CVE-2024-6866 | | 37.1th | 7.5 | | This vulnerability in flask-cors 4.01 allows unauthorized origins to bypass CORS restrictions due to |
| 6920 | CVE-2024-12911 | | 37th | 7.1 | | This vulnerability allows SQL injection through prompt injection in the JSONalyzeQueryEngine compone |
| 6921 | CVE-2025-27670 | | 37th | 9.8 | | CVE-2025-27670 is a critical vulnerability in Vasion Print (formerly PrinterLogic) that allows attac |
| 6922 | CVE-2025-1818 | | 37.1th | 6.3 | | This critical vulnerability in zj1983 zz software allows remote attackers to upload arbitrary files |
| 6923 | CVE-2024-58116 | | 37.1th | 4.0 | | A buffer overflow vulnerability exists in the SVG parsing module of Huawei's ArkUI framework. Succes |
| 6924 | CVE-2025-3085 | | 37.1th | 8.1 | | This vulnerability allows improper authentication in MongoDB servers when TLS with CRL revocation ch |
| 6925 | CVE-2025-4223 | | 37th | 4.7 | | This vulnerability allows attackers to inject malicious scripts via the 'login_url' parameter in the |
| 6926 | CVE-2025-6486 | | 37th | 8.8 | | This critical vulnerability in TOTOLINK A3002R routers allows remote attackers to execute arbitrary |
| 6927 | CVE-2025-6402 | | 37th | 8.8 | | This critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execu |
| 6928 | CVE-2025-3498 | | 37.1th | 9.9 | | An unauthenticated attacker with management network access can exploit exposed REST APIs on Radiflow |
| 6929 | CVE-2025-6939 | | 37th | 8.8 | | A critical buffer overflow vulnerability in TOTOLINK A3002RU routers allows remote attackers to exec |
| 6930 | CVE-2025-56301 | | 37.1th | 7.5 | | This vulnerability in Rocket-Chip's CSR logic allows attackers to corrupt exception handling and pri |
| 6931 | CVE-2025-60017 | | 37.1th | 8.2 | | This vulnerability allows remote attackers to execute arbitrary OS commands with root privileges on |
| 6932 | CVE-2025-55888 | | 37th | 7.3 | | This Cross-Site Scripting (XSS) vulnerability in ARD's Ajax transaction manager allows attackers to |
| 6933 | CVE-2025-59050 | | 37.1th | 8.4 | | This vulnerability allows a local attacker to execute arbitrary code within the Greenshot screenshot |
| 6934 | CVE-2025-53800 | | 37.1th | 7.8 | | This vulnerability in Microsoft Graphics Component allows an authenticated attacker to elevate privi |
| 6935 | CVE-2025-57164 | | 37.1th | 6.5 | | CVE-2025-57164 allows remote code execution in Flowise AI platforms through unsanitized user input i |
| 6936 | CVE-2025-59277 | | 37th | 7.8 | | This vulnerability in Windows Authentication Methods allows an authenticated attacker to perform loc |
| 6937 | CVE-2025-59187 | | 37th | 7.8 | | This Windows Kernel vulnerability allows authenticated attackers to gain elevated system privileges |
| 6938 | CVE-2025-55701 | | 37th | 7.8 | | This Windows privilege escalation vulnerability allows authenticated attackers to gain higher system |
| 6939 | CVE-2025-11631 | | 37.1th | 5.4 | | This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attacker |
| 6940 | CVE-2025-13384 | | 37.1th | 7.5 | | This vulnerability allows unauthenticated attackers to forge PayPal payment notifications in the CP |
| 6941 | CVE-2025-64130 | | 37.1th | 9.8 | | Zenitel TCIV-3+ devices contain a reflected cross-site scripting (XSS) vulnerability that allows rem |
| 6942 | CVE-2025-15244 | | 37th | 3.7 | | A race condition vulnerability exists in PHPEMS's Purchase Request Handler component, allowing attac |
| 6943 | CVE-2026-24124 | | 37.1th | 9.8 | | Dragonfly versions 2.4.1-rc.0 and below have missing authentication and authorization checks on Job |
| 6944 | CVE-2023-54340 | | 37.1th | 8.2 | | WorkOrder CMS 0.1.0 contains an unauthenticated SQL injection vulnerability in login parameters that |
| 6945 | CVE-2025-22217 | | 37th | 8.6 | | CVE-2025-22217 is an unauthenticated blind SQL injection vulnerability in Avi Load Balancer that all |
| 6946 | CVE-2024-0137 | | 36.9th | 5.5 | | NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container i |
| 6947 | CVE-2024-13296 | | 37th | 6.6 | | This vulnerability in Drupal Mailjet module allows attackers to inject malicious objects through des |
| 6948 | CVE-2024-56242 | | 37th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Tyche Softwares Arconix Shortcodes WordP |
| 6949 | CVE-2024-13217 | | 36.9th | 4.3 | | The Jeg Elementor Kit WordPress plugin exposes sensitive template data through insecure functions. A |
| 6950 | CVE-2025-31527 | | 36.9th | 6.4 | | This Server-Side Request Forgery (SSRF) vulnerability in the Kishan WP Link Preview WordPress plugin |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.