Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. The Percentile column gives a CVE's position relative to every CVE that EPSS scores, so a percentile around the 36th means the CVE is less likely to be exploited than roughly two-thirds of all scored CVEs. This page covers ranks 7101 to 7150 of the full ranking.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7101 | CVE-2024-57765 | | 36.5th | 7.5 | | This SQL injection vulnerability in MSFM allows attackers to execute arbitrary SQL commands through |
| 7102 | CVE-2025-21202 | | 36.4th | 6.1 | | This vulnerability allows an authenticated attacker to elevate privileges within the Windows Recover |
| 7103 | CVE-2024-49785 | | 36.4th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in IBM watsonx.ai that allows authenti |
| 7104 | CVE-2024-13311 | | 36.5th | 7.3 | | This vulnerability in Drupal's 'Allow All File Extensions' module allows attackers to upload malicio |
| 7105 | CVE-2024-13267 | | 36.4th | 7.5 | | This vulnerability allows attackers to include and execute arbitrary PHP files on Drupal sites using |
| 7106 | CVE-2022-45186 | | 36.4th | 8.1 | | SuiteCRM 7.12.7 contains an authenticated data disclosure vulnerability that allows authenticated us |
| 7107 | CVE-2021-27285 | | 36.5th | 8.4 | | This vulnerability in Inspur ClusterEngine v4.0 allows attackers to escalate local privileges and ex |
| 7108 | CVE-2025-27109 | | 36.4th | 7.3 | | This vulnerability in solid-js allows user input to be rendered as HTML when placed directly inside |
| 7109 | CVE-2025-26310 | | 36.5th | 6.5 | | Multiple memory leaks in ABC file parsing functions in libming v0.4.8 allow attackers to cause denia |
| 7110 | CVE-2024-13887 | | 36.5th | 5.3 | | This vulnerability allows unauthenticated attackers to upload arbitrary images to WordPress listings |
| 7111 | CVE-2024-9658 | | 36.5th | 8.8 | | This vulnerability allows authenticated attackers with student-level access or higher in the School |
| 7112 | CVE-2025-27659 | | 36.5th | 9.8 | | This SQL injection vulnerability in Vasion Print (formerly PrinterLogic) allows attackers to execute |
| 7113 | CVE-2025-27640 | | 36.5th | 9.8 | | This SQL injection vulnerability in Vasion Print (formerly PrinterLogic) allows attackers to execute |
| 7114 | CVE-2025-31033 | | 36.5th | 9.8 | | A Cross-Site Request Forgery (CSRF) vulnerability in the Adam Nowak Buddypress Humanity WordPress pl |
| 7115 | CVE-2025-3150 | | 36.4th | 4.3 | | This vulnerability allows attackers to perform cross-site request forgery (CSRF) attacks against the |
| 7116 | CVE-2025-5052 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's LS command handler allows rem |
| 7117 | CVE-2025-5049 | | 36.4th | 7.3 | | CVE-2025-5049 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's APPEND comma |
| 7118 | CVE-2025-4871 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability in PCMan FTP Server 2.0.7 allows remote attackers to execut |
| 7119 | CVE-2025-4847 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's MLS command handler allows re |
| 7120 | CVE-2025-4845 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability exists in FreeFloat FTP Server 1.0's TRACE command handler, |
| 7121 | CVE-2025-4792 | | 36.4th | 7.3 | | CVE-2025-4792 is a critical buffer overflow vulnerability in FreeFloat FTP Server 1.0's MDELETE comm |
| 7122 | CVE-2025-47549 | | 36.5th | 9.1 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress si |
| 7123 | CVE-2025-4162 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability in PCMan FTP Server's ASCII command handler allows remote a |
| 7124 | CVE-2025-4160 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability exists in PCMan FTP Server's LS command handler, allowing r |
| 7125 | CVE-2025-4158 | | 36.4th | 7.3 | | A critical buffer overflow vulnerability in PCMan FTP Server's PROMPT command handler allows remote |
| 7126 | CVE-2025-49715 | | 36.4th | 7.5 | | This vulnerability in Dynamics 365 FastTrack Implementation Assets allows unauthorized attackers to |
| 7127 | CVE-2025-53472 | | 36.5th | 7.2 | | This CVE describes an OS command injection vulnerability in ELECOM WRC-BE36QS-B and WRC-W701-B wirel |
| 7128 | CVE-2025-52353 | | 36.4th | 9.8 | | This vulnerability allows authenticated attackers to upload malicious files containing PHP code to B |
| 7129 | CVE-2025-29155 | | 36.5th | 6.5 | | A command injection vulnerability in petstore v1.0.7 allows remote attackers to execute arbitrary co |
| 7130 | CVE-2025-12094 | | 36.4th | 5.3 | | The OOPSpam Anti-Spam WordPress plugin is vulnerable to IP header spoofing, allowing unauthenticated |
| 7131 | CVE-2025-12970 | | 36.4th | 8.8 | | CVE-2025-12970 is a buffer overflow vulnerability in Fluent Bit's in_docker input plugin that allows |
| 7132 | CVE-2025-13596 | | 36.4th | N/A | | ATISoluciones CIGES Application versions 2.15.6 and earlier expose sensitive information through det |
| 7133 | CVE-2025-64184 | | 36.4th | 8.8 | | This vulnerability in Dosage comic downloader allows remote attackers to write arbitrary files outsi |
| 7134 | CVE-2025-14855 | | 36.5th | 7.2 | | The SureForms WordPress plugin has a stored cross-site scripting vulnerability that allows unauthent |
| 7135 | CVE-2025-64676 | | 36.5th | 7.2 | | This vulnerability in Microsoft Purview allows authenticated attackers to execute arbitrary code rem |
| 7136 | CVE-2025-65082 | | 36.4th | 6.5 | | This vulnerability allows attackers to manipulate CGI program behavior by injecting malicious enviro |
| 7137 | CVE-2025-20036 | | 36.3th | 6.5 | | Mattermost Mobile Apps versions up to 2.22.0 fail to properly validate post properties, allowing aut |
| 7138 | CVE-2025-21274 | | 36.3th | 5.5 | | This vulnerability in Windows Event Tracing allows attackers to cause a denial of service condition |
| 7139 | CVE-2024-35273 | | 36.3th | 7.2 | | This vulnerability allows attackers to execute arbitrary code with elevated privileges on Fortinet F |
| 7140 | CVE-2024-54996 | | 36.3th | 8.8 | | MonicaHQ v4.1.2 contains authenticated client-side injection vulnerabilities in the title and descri |
| 7141 | CVE-2024-37412 | | 36.3th | 4.3 | | This CSRF vulnerability in the Blossom Shop WordPress theme allows attackers to trick authenticated |
| 7142 | CVE-2025-25195 | | 36.3th | 4.3 | | This CVE describes an information disclosure vulnerability in Zulip's development branch where priva |
| 7143 | CVE-2025-1635 | | 36.3th | 6.5 | | This vulnerability in Devolutions Remote Desktop Manager allows authenticated users to export hub da |
| 7144 | CVE-2025-1941 | | 36.3th | 9.1 | | This vulnerability allows attackers to bypass authentication requirements for Firefox's Focus featur |
| 7145 | CVE-2025-24522 | | 36.3th | 10.0 | | KUNBUS Revolution Pi OS Bookworm 01/2025 has no authentication configured by default for its Node-RE |
| 7146 | CVE-2025-1041 | | 36.3th | 9.9 | | An improper input validation vulnerability in Avaya Call Management System allows remote attackers t |
| 7147 | CVE-2025-27953 | | 36.3th | 6.5 | | A session management vulnerability in Clinical Collaboration Platform 12.2.1.5 allows remote attacke |
| 7148 | CVE-2025-6215 | | 36.3th | 5.3 | | The Omnishop WordPress plugin has an unauthenticated registration bypass vulnerability that allows a |
| 7149 | CVE-2025-48952 | | 36.3th | 9.4 | | This CVE describes an authentication bypass vulnerability in NetAlertX where attackers can log in wi |
| 7150 | CVE-2025-54466 | | 36.3th | 9.8 | | This CVE describes a critical code injection vulnerability in Apache OFBiz's scrum plugin, allowing |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first. Scores are recomputed daily, so a CVE's EPSS value and percentile can move as new exploitation evidence appears.
Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. EPSS describes the likelihood of exploitation attempts in general, not whether a particular instance is reachable or what it protects, so it complements asset context rather than replacing it.
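The comparison above (a CVSS 9.8 with 0.1% EPSS versus a CVSS 7.5 with 90% EPSS) can be turned into a repeatable triage rule. The following Python is an added example, not code from this ranking page or from FIRST. The input is a constructed sample in the JSON shape of the public FIRST EPSS API (https://api.first.org/data/v1/epss), where `epss` and `percentile` arrive as decimal strings; the `CVE-EXAMPLE-NNNN` identifiers and their scores are placeholders, the CVSS values stand in for what an internal scanner would report, and the 0.1 EPSS cut-off for the "patch-now" bucket is an assumed organisational policy rather than anything EPSS defines.

```python
"""Rank findings by EPSS probability first, with CVSS as the tie-breaker.

Added example, not from the ranking page or from FIRST. All identifiers,
scores and thresholds below are constructed for illustration.
"""
import json
from dataclasses import dataclass

# Constructed sample in the shape of a FIRST EPSS API v1 response
# (https://api.first.org/data/v1/epss?cve=...). Values are illustrative.
SAMPLE_EPSS_JSON = """{
  "status": "OK",
  "data": [
    {"cve": "CVE-EXAMPLE-0001", "epss": "0.001000000", "percentile": "0.420000000", "date": "2025-01-01"},
    {"cve": "CVE-EXAMPLE-0002", "epss": "0.900000000", "percentile": "0.995000000", "date": "2025-01-01"},
    {"cve": "CVE-EXAMPLE-0003", "epss": "0.365000000", "percentile": "0.970000000", "date": "2025-01-01"},
    {"cve": "CVE-EXAMPLE-0004", "epss": "0.365000000", "percentile": "0.970000000", "date": "2025-01-01"}
  ]
}"""

# CVSS base scores as an internal scanner would report them (constructed).
SAMPLE_CVSS = {
    "CVE-EXAMPLE-0001": 9.8,   # critical severity, near-zero exploit probability
    "CVE-EXAMPLE-0002": 7.5,   # high severity, 90% exploit probability
    "CVE-EXAMPLE-0003": 5.3,
    "CVE-EXAMPLE-0004": 9.1,   # same EPSS as 0003; CVSS breaks the tie
}


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float        # probability of exploitation in the next 30 days, 0..1
    percentile: float  # share of all scored CVEs with an equal or lower EPSS
    cvss: float        # CVSS base score, 0..10


def parse_epss_response(raw_json: str, cvss_by_cve: dict) -> list:
    """Join an EPSS API response with CVSS scores into Finding objects.

    CVEs missing from cvss_by_cve get CVSS 0.0 so they still rank by EPSS.
    """
    payload = json.loads(raw_json)
    if payload.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {payload.get('status')!r}")
    findings = []
    for row in payload["data"]:
        findings.append(Finding(
            cve=row["cve"],
            epss=float(row["epss"]),             # strings in the API, floats here
            percentile=float(row["percentile"]),
            cvss=float(cvss_by_cve.get(row["cve"], 0.0)),
        ))
    return findings


def rank_findings(findings: list) -> list:
    """Sort by EPSS descending, then CVSS descending, then CVE id for stability."""
    return sorted(findings, key=lambda f: (-f.epss, -f.cvss, f.cve))


def priority_bucket(f: Finding, epss_cutoff: float = 0.1, cvss_cutoff: float = 9.0) -> str:
    """Assumed triage policy: exploit likelihood first, severity second."""
    if f.epss >= epss_cutoff:
        return "patch-now"    # likely to be exploited regardless of CVSS
    if f.cvss >= cvss_cutoff:
        return "patch-next"   # severe if it is ever exploited; schedule it
    return "routine"


def triage(raw_json: str = SAMPLE_EPSS_JSON, cvss_by_cve: dict = SAMPLE_CVSS) -> list:
    """Return (cve, epss, cvss, bucket) tuples in patch order."""
    ranked = rank_findings(parse_epss_response(raw_json, cvss_by_cve))
    return [(f.cve, f.epss, f.cvss, priority_bucket(f)) for f in ranked]


if __name__ == "__main__":
    for cve, epss, cvss, bucket in triage():
        print(f"{cve:18} EPSS={epss:6.1%}  CVSS={cvss:4.1f}  {bucket}")
```

Running it puts CVE-EXAMPLE-0002 (CVSS 7.5, EPSS 90%) at the top and CVE-EXAMPLE-0001 (CVSS 9.8, EPSS 0.1%) last, which is the ordering the paragraph argues for; the two findings with identical EPSS are separated by CVSS. Swap `SAMPLE_EPSS_JSON` for a live response from the FIRST API and `SAMPLE_CVSS` for your scanner's export to use it against real data, and tune the two cut-offs to your own patch SLAs.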