Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%
Rank  CVE ID          EPSS   Percentile  CVSS  Flags  Summary (truncated)
651   CVE-2024-8537   0.74%  72.4th      9.1   -      A path traversal vulnerability in modelscope/agentscope's /delete-workflow endpoint allows attackers...
652   CVE-2025-2618   0.74%  72.4th      9.8   -      A critical heap-based buffer overflow vulnerability in D-Link DAP-1620 access points allows remote a...
653   CVE-2024-56731  0.73%  72.2th      10.0  -      This vulnerability allows unprivileged users in Gogs to delete files in the .git directory, leading...
654   CVE-2025-0177   0.73%  72.2th      9.8   -      The Javo Core WordPress plugin allows unauthenticated attackers to create accounts with administrato...
655   CVE-2025-29708  0.73%  72.2th      9.8   -      SourceCodester Company Website CMS 1.0 contains an unauthenticated file upload vulnerability in the...
656   CVE-2025-32577  0.73%  72.1th      9.8   -      This vulnerability allows attackers to include local files on the server through PHP's include/requi...
657   CVE-2025-0471   0.72%  72.1th      9.9   -      An unrestricted file upload vulnerability in PMB platform versions 4.0.10 and above allows attackers...
658   CVE-2025-59352  0.72%  72.1th      9.8   -      This vulnerability in Dragonfly allows peers to create or read arbitrary files on other peers' syste...
659   CVE-2025-27540  0.72%  72.0th      9.8   -      An unauthenticated SQL injection vulnerability in TeleControl Server Basic allows remote attackers t...
660   CVE-2025-27495  0.72%  72.0th      9.8   -      This critical SQL injection vulnerability in TeleControl Server Basic allows unauthenticated remote...
661   CVE-2025-45017  0.72%  72.0th      9.8   -      A critical SQL injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows re...
662   CVE-2025-54385  0.72%  72.0th      9.8   -      This CVE describes a critical SQL injection vulnerability in XWiki Platform that allows attackers to...
663   CVE-2025-54122  0.72%  71.9th      10.0  -      An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Manager accounting software a...
664   CVE-2025-1475   0.71%  71.8th      9.8   -      The WPCOM Member WordPress plugin has an authentication bypass vulnerability that allows unauthentic...
665   CVE-2025-7401   0.71%  71.8th      9.8   -      This vulnerability in the Premium Age Verification WordPress plugin allows unauthenticated attackers...
666   CVE-2025-32711  0.71%  71.8th      9.3   -      This CVE describes an AI command injection vulnerability in Microsoft 365 Copilot that allows unauth...
667   CVE-2025-25784  0.71%  71.7th      9.8   -      An arbitrary file upload vulnerability in Jizhicms v2.5.4 allows attackers to upload malicious Zip f...
668   CVE-2025-58748  0.71%  71.7th      9.8   -      This vulnerability allows remote code execution in Dataease by exploiting improper JDBC URL validati...
669   CVE-2024-8769   0.71%  71.7th      9.1   -      This vulnerability allows attackers to delete arbitrary files on systems running the aimhubio/aim tr...
670   CVE-2025-1265   0.70%  71.6th      9.9   -      An OS command injection vulnerability in Vinci Protocol Analyzer allows attackers to execute arbitra...
671   CVE-2025-30452  0.70%  71.5th      9.8   -      This CVE describes a critical input validation vulnerability in macOS that could allow attackers to...
672   CVE-2025-30424  0.70%  71.5th      9.8   -      A data exposure vulnerability in macOS Messages allows user contact information to leak into system...
673   CVE-2025-24273  0.70%  71.5th      9.8   -      This CVE describes a critical out-of-bounds write vulnerability in macOS kernel memory that allows a...
674   CVE-2025-24265  0.70%  71.5th      9.8   -      This CVE describes an out-of-bounds read vulnerability in macOS that could allow a malicious applica...
675   CVE-2025-24256  0.70%  71.5th      9.8   -      This is a macOS kernel memory disclosure vulnerability caused by insufficient bounds checking. An ap...
676   CVE-2025-24253  0.70%  71.5th      9.8   -      A macOS vulnerability allows malicious applications to bypass symlink protections and access protect...
677   CVE-2025-24247  0.70%  71.5th      9.8   -      A type confusion vulnerability in macOS allows attackers to cause unexpected application termination...
678   CVE-2025-24232  0.70%  71.5th      9.8   -      A state management vulnerability in macOS allows malicious applications to bypass file access restri...
679   CVE-2025-30387  0.70%  71.4th      9.8   -      This path traversal vulnerability in Azure allows unauthorized attackers to access restricted direct...
680   CVE-2024-12909  0.69%  71.4th      9.8   -      This SQL injection vulnerability in the FinanceChatLlamaPack allows attackers to execute arbitrary S...
681   CVE-2024-38392  0.69%  71.4th      9.1   -      This vulnerability in Pexip Infinity Connect allows remote attackers to execute arbitrary code by ex...
682   CVE-2025-28384  0.69%  71.4th      9.1   -      This directory traversal vulnerability in OpenC3 COSMOS allows attackers to access files outside the...
683   CVE-2025-34274  0.69%  71.4th      9.8   -      Nagios Log Server versions before 2024R2.0.3 run the embedded Logstash process with root privileges,...
684   CVE-2025-34267  0.69%  71.4th      9.9   -      Flowise versions 3.0.1 through 3.0.7 and all later versions with 'ALLOW_BUILTIN_DEP' enabled contain...
685   CVE-2025-3714   0.69%  71.4th      9.8   -      This critical vulnerability allows unauthenticated remote attackers to execute arbitrary code on LCD...
686   CVE-2025-3710   0.69%  71.4th      9.8   -      CVE-2025-3710 is a critical stack-based buffer overflow vulnerability in LCD KVM over IP Switch CL57...
687   CVE-2025-31182  0.69%  71.3th      9.8   -      This vulnerability allows malicious applications to delete files they shouldn't have permission to a...
688   CVE-2024-39288  0.68%  71.2th      9.1   -      This vulnerability allows authenticated attackers to execute arbitrary code on Wavlink AC3000 router...
689   CVE-2024-37357  0.68%  71.2th      9.1   -      This vulnerability allows authenticated attackers to execute arbitrary code on Wavlink AC3000 router...
690   CVE-2025-2266   0.68%  71.1th      9.8   -      This vulnerability allows unauthenticated attackers to modify WordPress site options via the Checkou...
691   CVE-2026-0793   0.68%  71.1th      9.8   -      CVE-2026-0793 is a heap-based buffer overflow vulnerability in the InformaCast functionality of ALGO...
692   CVE-2026-0792   0.68%  71.1th      9.8   -      This vulnerability allows unauthenticated remote attackers to execute arbitrary code on ALGO 8180 IP...
693   CVE-2026-0791   0.68%  71.1th      9.8   -      This vulnerability allows remote attackers to execute arbitrary code on ALGO 8180 IP Audio Alerter d...
694   CVE-2026-23524  0.68%  71.1th      9.8   -      CVE-2026-23524 is a critical deserialization vulnerability in Laravel Reverb that allows remote code...
695   CVE-2025-49836  0.68%  71.1th      9.8   -      This CVE describes a command injection vulnerability in GPT-SoVITS-WebUI that allows attackers to ex...
696   CVE-2025-49834  0.68%  71.1th      9.8   -      This CVE describes a command injection vulnerability in GPT-SoVITS-WebUI that allows attackers to ex...
697   CVE-2024-44373  0.68%  71.0th      9.8   -      CVE-2024-44373 is a critical path traversal vulnerability in AllSky software that allows unauthentic...
698   CVE-2024-12919  0.67%  70.9th      9.8   -      This vulnerability allows unauthenticated attackers to bypass authentication in the Paid Membership...
699   CVE-2024-57684  0.67%  70.9th      9.8   -      This vulnerability allows unauthenticated attackers to remotely configure the DMZ (Demilitarized Zon...
700   CVE-2025-7721   0.67%  70.8th      9.8   -      This vulnerability allows unauthenticated attackers to perform Local File Inclusion (LFI) in the Joo...

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
