Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics for this dataset:

EPSS > 50%: 164 CVEs
CISA KEV Listed: 156 CVEs
CVEs with EPSS score: 35,468
Average EPSS score: 0.7%
Ranks 651 to 700 are shown below. The Flags column is empty for every row on this page, and each summary is truncated as it appears on the page.

Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
651 | CVE-2025-32839 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
652 | CVE-2025-32837 | 0.94% | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to
653 | CVE-2025-32835 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
654 | CVE-2025-32833 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
655 | CVE-2025-32831 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas
656 | CVE-2025-32829 | 0.94% | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to
657 | CVE-2025-32827 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas
658 | CVE-2025-32825 | 0.94% | 75.9th | 8.8 | | An SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypass
659 | CVE-2025-32823 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas
660 | CVE-2025-32475 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas
661 | CVE-2025-31352 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas
662 | CVE-2025-31350 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
663 | CVE-2025-31343 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
664 | CVE-2025-30031 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
665 | CVE-2025-30003 | 0.94% | 75.9th | 8.8 | | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t
666 | CVE-2024-5706 | 0.94% | 75.8th | 8.8 | | This vulnerability in Hitachi Vantara Pentaho Data Integration & Analytics allows attackers to injec
667 | CVE-2025-4336 | 0.94% | 75.8th | 8.1 | | The eMagicOne Store Manager for WooCommerce WordPress plugin allows unauthenticated attackers to upl
668 | CVE-2024-12613 | 0.94% | 75.8th | 7.5 | | This SQL injection vulnerability in the WordPress Passwords Manager plugin allows unauthenticated at
669 | CVE-2024-13475 | 0.94% | 75.8th | 7.5 | | This SQL injection vulnerability in the Small Package Quotes – UPS Edition WordPress plugin allows
670 | CVE-2025-29815 | 0.94% | 75.8th | 7.6 | | A use-after-free vulnerability in Microsoft Edge (Chromium-based) allows an authenticated attacker t
671 | CVE-2025-15137 | 0.94% | 75.8th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary commands on TRENDnet TEW-800MB route
672 | CVE-2025-15136 | 0.94% | 75.8th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary commands on TRENDnet TEW-800MB route
673 | CVE-2025-27718 | 0.94% | 75.7th | 8.8 | | A path traversal vulnerability in the USB storage file-sharing function of HGW-BL1500HM devices allo
674 | CVE-2025-27130 | 0.93% | 75.7th | 8.8 | | Welcart e-Commerce versions 2.11.6 and earlier contain an untrusted data deserialization vulnerabili
675 | CVE-2025-57199 | 0.93% | 75.7th | 8.8 | | This vulnerability allows authenticated attackers to execute arbitrary commands on AVTECH SECURITY C
676 | CVE-2025-57198 | 0.93% | 75.7th | 8.8 | | This vulnerability allows authenticated attackers to execute arbitrary commands on AVTECH SECURITY D
677 | CVE-2025-10176 | 0.93% | 75.7th | 7.2 | | This vulnerability allows authenticated WordPress administrators to delete arbitrary files on the se
678 | CVE-2024-57658 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to cause denial of service by se
679 | CVE-2024-57657 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to cause Denial of Service (DoS)
680 | CVE-2024-57656 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso Open-Source Edition allows attackers to cause Denial of Serv
681 | CVE-2024-57653 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso Open-Source Edition allows attackers to cause Denial of Serv
682 | CVE-2024-57652 | 0.92% | 75.6th | 7.5 | | This SQL injection vulnerability in OpenLink Virtuoso's numeric_to_dv component allows attackers to
683 | CVE-2024-57651 | 0.92% | 75.6th | 7.5 | | This SQL injection vulnerability in the jp_add component of OpenLink Virtuoso allows attackers to ex
684 | CVE-2024-57650 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso Open-Source Edition allows attackers to cause Denial of Serv
685 | CVE-2024-57648 | 0.92% | 75.6th | 7.5 | | A SQL injection vulnerability in the itc_set_param_row component of OpenLink Virtuoso OpenSource all
686 | CVE-2024-57643 | 0.92% | 75.6th | 7.5 | | A SQL injection vulnerability in the box_deserialize_string component of OpenLink Virtuoso Open Sour
687 | CVE-2024-57642 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to execute crafted SQL statement
688 | CVE-2024-57638 | 0.92% | 75.6th | 7.5 | | A SQL injection vulnerability in the dfe_body_copy component of OpenLink Virtuoso Open-Source allows
689 | CVE-2024-57637 | 0.92% | 75.6th | 7.5 | | This SQL injection vulnerability in OpenLink Virtuoso's dfe_unit_gb_dependant component allows attac
690 | CVE-2024-57636 | 0.92% | 75.6th | 7.5 | | This vulnerability in OpenLink Virtuoso Open-Source allows attackers to execute crafted SQL statemen
691 | CVE-2024-57635 | 0.92% | 75.6th | 7.5 | | This SQL injection vulnerability in OpenLink Virtuoso's chash_array component allows attackers to ex
692 | CVE-2024-12544 | 0.92% | 75.6th | 8.8 | | The SurveyJS WordPress plugin has an arbitrary file deletion vulnerability that allows authenticated
693 | CVE-2025-41229 | 0.92% | 75.5th | 8.2 | | VMware Cloud Foundation contains a directory traversal vulnerability (CWE-22) that allows attackers
694 | CVE-2024-8060 | 0.92% | 75.5th | 8.1 | | OpenWebUI 0.3.0 has a critical vulnerability in its audio transcription API that allows authenticate
695 | CVE-2025-26260 | 0.92% | 75.5th | 8.8 | | Plenti versions up to 0.7.16 are vulnerable to remote code execution via the /postLocal endpoint. At
696 | CVE-2025-8243 | 0.91% | 75.5th | 8.8 | | This critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execu
697 | CVE-2025-31117 | 0.91% | 75.4th | 7.5 | | This Out-of-Band Server-Side Request Forgery (OOB SSRF) vulnerability in OpenEMR allows attackers to
698 | CVE-2026-0795 | 0.91% | 75.4th | 8.8 | | This vulnerability allows authenticated remote attackers to execute arbitrary system commands on ALG
699 | CVE-2025-25003 | 0.91% | 75.3th | 7.3 | | This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in V
700 | CVE-2025-24998 | 0.91% | 75.3th | 7.3 | | This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in V

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
