Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary |
|---|---|---|---|---|---|
| 6951 | CVE-2025-30881 | 0.16% | 36.9th | 4.3 | This CVE describes a missing authorization vulnerability in the ThemeHunk Big Store WordPress theme |
| 6952 | CVE-2025-30874 | 0.16% | 36.9th | 4.3 | This CVE describes a missing authorization vulnerability in the WordPress plugin 'Specific Content F |
| 6953 | CVE-2024-53351 | 0.16% | 37th | 9.8 | Insecure permissions in PipeCD v0.49 allow attackers to access the service account's authentication |
| 6954 | CVE-2024-54018 | 0.16% | 37th | 7.2 | This vulnerability allows privileged attackers to execute arbitrary operating system commands on For |
| 6955 | CVE-2024-13546 | 0.16% | 36.9th | 4.3 | The GenerateBlocks WordPress plugin exposes sensitive content from private, draft, and scheduled pos |
| 6956 | CVE-2025-32684 | 0.16% | 36.9th | 5.0 | This CVE describes a Missing Authorization vulnerability in the MapSVG Lite WordPress plugin that al |
| 6957 | CVE-2025-27437 | 0.16% | 36.9th | 4.3 | This vulnerability allows authenticated non-administrative users in SAP NetWeaver Application Server |
| 6958 | CVE-2025-31882 | 0.16% | 36.9th | 4.3 | This CVE describes a Missing Authorization vulnerability in the WPWebinarSystem WebinarPress WordPre |
| 6959 | CVE-2025-31856 | 0.16% | 36.9th | 4.3 | This CVE describes a Missing Authorization vulnerability in the WordPress Export All Post Meta plugi |
| 6960 | CVE-2025-40664 | 0.16% | 37th | 9.1 | CVE-2025-40664 is a missing authentication vulnerability in TCMAN GIM v11 that allows unauthenticate |
| 6961 | CVE-2025-32798 | 0.16% | 36.9th | 9.8 | CVE-2025-32798 allows arbitrary code execution during conda package builds due to unsafe eval() usag |
| 6962 | CVE-2025-12271 | 0.16% | 36.9th | 8.8 | A buffer overflow vulnerability in Tenda CH22 router firmware version 1.0.0.1 allows remote attacker |
| 6963 | CVE-2025-12265 | 0.16% | 36.9th | 8.8 | A buffer overflow vulnerability in Tenda CH22 router firmware version 1.0.0.1 allows remote attacker |
| 6964 | CVE-2025-12211 | 0.16% | 36.9th | 8.8 | This vulnerability allows remote attackers to execute arbitrary code on Tenda O3 routers via a stack |
| 6965 | CVE-2025-26392 | 0.16% | 36.9th | 5.4 | SolarWinds Observability Self-Hosted contains a SQL injection vulnerability that allows authenticate |
| 6966 | CVE-2025-20360 | 0.16% | 36.9th | 5.8 | A vulnerability in Cisco's Snort 3 HTTP Decoder allows unauthenticated remote attackers to trigger a |
| 6967 | CVE-2025-61912 | 0.16% | 36.9th | 5.3 | A vulnerability in python-ldap's escape_dn_chars() function incorrectly escapes null bytes, causing |
| 6968 | CVE-2025-13400 | 0.16% | 36.9th | 8.8 | A buffer overflow vulnerability in Tenda CH22 routers allows remote attackers to execute arbitrary c |
| 6969 | CVE-2025-64205 | 0.16% | 37th | 8.2 | This vulnerability allows attackers to include local files on the server through improper filename c |
| 6970 | CVE-2025-60055 | 0.16% | 37th | 8.2 | This vulnerability allows attackers to include local files on the server through improper filename c |
| 6971 | CVE-2025-14746 | 0.16% | 37th | 4.3 | This vulnerability allows unauthenticated access to the RTSP live video stream endpoint in Ningyuand |
| 6972 | CVE-2025-14191 | 0.16% | 36.9th | 8.8 | This vulnerability allows remote attackers to execute arbitrary code on UTT 512W routers through a b |
| 6973 | CVE-2025-14015 | 0.16% | 36.9th | 8.8 | A buffer overflow vulnerability in H3C Magic B0 routers allows remote attackers to execute arbitrary |
| 6974 | CVE-2026-25732 | 0.16% | 36.9th | 7.5 | This vulnerability in NiceGUI allows attackers to perform path traversal attacks by uploading files |
| 6975 | CVE-2026-21969 | 0.16% | 36.9th | 9.8 | An unauthenticated remote code execution vulnerability in Oracle Agile Product Lifecycle Management |
| 6976 | CVE-2024-25705 | 0.16% | 36.9th | 5.4 | A cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS Experience Builder allows authe |
| 6977 | CVE-2025-61506 | 0.16% | 36.9th | 9.8 | MediaCrush versions through 1.0.1 contain an unrestricted file upload vulnerability that allows unau |
| 6978 | CVE-2024-54512 | 0.16% | 36.9th | 9.1 | A system binary vulnerability in Apple operating systems could allow an attacker to fingerprint a us |
| 6979 | CVE-2024-35113 | 0.16% | 36.8th | 4.3 | IBM Control Center versions 6.2.1 and 6.3.1 contain an information disclosure vulnerability where au |
| 6980 | CVE-2025-0582 | 0.16% | 36.8th | 4.7 | This critical vulnerability in itsourcecode Farm Management System allows remote attackers to upload |
| 6981 | CVE-2025-23919 | 0.16% | 36.8th | 5.4 | This Cross-Site Scripting (XSS) vulnerability in the Ella van Durpe Slides & Presentations WordPress |
| 6982 | CVE-2024-46666 | 0.16% | 36.8th | 5.3 | This CVE describes a resource allocation vulnerability in FortiOS that allows remote unauthenticated |
| 6983 | CVE-2024-38790 | 0.16% | 36.8th | 6.5 | This CSRF vulnerability in the Smartsupp WordPress plugin allows attackers to trick authenticated ad |
| 6984 | CVE-2024-38766 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in Matomo Analytics allows attackers to trick authenticated administrators i |
| 6985 | CVE-2024-38763 | 0.16% | 36.8th | 4.3 | This Cross-Site Request Forgery (CSRF) vulnerability in the Popularis Verse WordPress theme allows a |
| 6986 | CVE-2024-38754 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in Tagbox Taggbox WordPress plugin allows attackers to trick authenticated a |
| 6987 | CVE-2024-38751 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in the AdsforWP WordPress plugin allows attackers to trick authenticated adm |
| 6988 | CVE-2024-38691 | 0.16% | 36.8th | 4.3 | This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in the Metorik plugin for WooCo |
| 6989 | CVE-2024-37543 | 0.16% | 36.8th | 4.3 | A Cross-Site Request Forgery (CSRF) vulnerability in the Ultimate Auction WordPress plugin allows at |
| 6990 | CVE-2024-37473 | 0.16% | 36.8th | 4.3 | This Cross-Site Request Forgery (CSRF) vulnerability in the BlazeThemes Trendy News WordPress theme |
| 6991 | CVE-2024-37448 | 0.16% | 36.8th | 4.3 | A Cross-Site Request Forgery (CSRF) vulnerability in the FameThemes OnePress WordPress theme allows |
| 6992 | CVE-2024-37426 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in the Rara Theme Elegant Pink WordPress theme allows attackers to trick aut |
| 6993 | CVE-2024-37272 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in the Travel Monster WordPress theme allows attackers to trick authenticate |
| 6994 | CVE-2024-37242 | 0.16% | 36.8th | 4.3 | A Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Newspack Newsletters plugin allow |
| 6995 | CVE-2024-37235 | 0.16% | 36.8th | 4.3 | This CSRF vulnerability in Groundhogg WordPress plugin allows attackers to trick authenticated admin |
| 6996 | CVE-2024-37103 | 0.16% | 36.8th | 4.3 | A Cross-Site Request Forgery (CSRF) vulnerability in the Rara Theme Education Zone WordPress theme a |
| 6997 | CVE-2025-26526 | 0.16% | 36.8th | 6.5 | This vulnerability allows users to bypass Separate Groups mode restrictions in Moodle's Feedback act |
| 6998 | CVE-2025-26013 | 0.16% | 36.8th | 8.2 | This vulnerability in Loggrove v1.0 allows remote attackers to read sensitive information through th |
| 6999 | CVE-2023-51317 | 0.16% | 36.9th | 6.5 | PHPJabbers Restaurant Booking System v3.0 contains multiple HTML injection vulnerabilities in variou |
| 7000 | CVE-2025-0825 | 0.16% | 36.8th | 5.3 | CVE-2025-0825 is a CRLF injection vulnerability in cpp-httplib where null-byte-prefixed CRLF sequenc |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation — making it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
