Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- CVEs with EPSS > 50%: 164
- CISA KEV listed: 156
- CVEs with an EPSS score: 35,468
- Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
7151 | CVE-2025-8910 | 0.05% | 14.2th | 6.1 | | CVE-2025-8910 is a reflected cross-site scripting vulnerability in WellChoose's Organization Portal
7152 | CVE-2025-8911 | 0.05% | 14.2th | 6.1 | | CVE-2025-8911 is a reflected cross-site scripting (XSS) vulnerability in WellChoose's Organization P
7153 | CVE-2025-20294 | 0.05% | 14.5th | 6.5 | | This vulnerability allows authenticated administrators on Cisco UCS Manager to execute arbitrary com
7154 | CVE-2025-9595 | 0.05% | 14.6th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the Student Information Managem
7155 | CVE-2025-68934 | 0.05% | 14.3th | 6.5 | | This vulnerability allows authenticated users to submit specially crafted payloads to Discourse's dr
7156 | CVE-2025-64766 | 0.05% | 14.6th | 5.3 | | CVE-2025-64766 is a hard-coded secret vulnerability in NixOS's OnlyOffice document server module tha
7157 | CVE-2025-39404 | 0.05% | 14.6th | 4.7 | | This CVE describes an open redirect vulnerability in the Heateor Support Sassy Social Share WordPres
7158 | CVE-2025-48121 | 0.05% | 14.2th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the WP Notes Widget WordPress plugin allo
7159 | CVE-2024-41763 | 0.05% | 14.4th | 5.9 | | IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 and 7.0.3 use weak cryptographic
7160 | CVE-2025-40605 | 0.05% | 14.2th | 5.3 | | A path traversal vulnerability in SonicWall Email Security appliances allows attackers to bypass dir
7161 | CVE-2025-8795 | 0.05% | 14.6th | 6.3 | | This critical vulnerability in LitmusChaos Litmus allows attackers to bypass access controls via imp
7162 | CVE-2024-52560 | 0.05% | 14.3th | 5.5 | | A vulnerability in the Linux kernel's NTFS3 filesystem driver could cause filesystem corruption when
7163 | CVE-2025-8797 | 0.05% | 14.6th | 6.3 | | A critical permission vulnerability in LitmusChaos Litmus up to version 3.19.0 allows remote attacke
7164 | CVE-2025-64321 | 0.05% | 14.4th | 5.3 | | This vulnerability allows attackers to manipulate configuration files through improper input neutral
7165 | CVE-2025-46451 | 0.05% | 14.2th | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Floating Social Bar WordPress plugin all
7166 | CVE-2025-64318 | 0.05% | 14.4th | 5.3 | | This vulnerability allows attackers to manipulate LLM prompts to write malicious content to configur
7167 | CVE-2025-10649 | 0.05% | 14.4th | 6.5 | | This SQL injection vulnerability in the Welcart e-Commerce WordPress plugin allows authenticated att
7168 | CVE-2025-60011 | 0.05% | 14.3th | 5.8 | | An unauthenticated network attacker can send a specific BGP attribute to Juniper Junos devices, caus
7169 | CVE-2024-44636 | 0.05% | 14.3th | 6.5 | | This SQL injection vulnerability in PHPGurukul Student Record System 3.20 allows attackers to manipu
7170 | CVE-2025-25265 | 0.05% | 14.6th | 4.9 | | This vulnerability allows authenticated high-privileged remote attackers to read arbitrary files fro
7171 | CVE-2025-59438 | 0.05% | 14.3th | 5.3 | | Mbed TLS versions through 3.6.4 contain a timing side-channel vulnerability in RSA decryption with P
7172 | CVE-2025-38007 | 0.05% | 14.3th | 5.5 | | A NULL pointer dereference vulnerability exists in the Linux kernel's HID uclogic driver when memory
7173 | CVE-2025-39369 | 0.05% | 14.2th | 6.5 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by the Post
7174 | CVE-2025-53886 | 0.05% | 14.5th | 4.5 | | This vulnerability in Directus logs sensitive authentication tokens when using WebHook triggers in F
7175 | CVE-2025-46263 | 0.05% | 14.2th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Author Box After Posts plugin
7176 | CVE-2025-54348 | 0.05% | 14.2th | 6.5 | | A stored cross-site scripting (XSS) vulnerability in Desktop Alert PingAlert Application Server vers
7177 | CVE-2025-11974 | 0.05% | 14.5th | 6.5 | | This vulnerability allows unauthenticated attackers to cause denial of service by uploading large fi
7178 | CVE-2025-10575 | 0.05% | 14.4th | 6.5 | | This SQL injection vulnerability in the WP jQuery Pager WordPress plugin allows authenticated attack
7179 | CVE-2025-47441 | 0.05% | 14.2th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Progress Bar plugin allows att
7180 | CVE-2025-47443 | 0.05% | 14.2th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Widget Countdown WordPress plugin allows
7181 | CVE-2025-10730 | 0.05% | 14.4th | 6.5 | | The Wp tabber widget plugin for WordPress has an SQL injection vulnerability in all versions up to 4
7182 | CVE-2025-11632 | 0.05% | 14.4th | 4.3 | | This vulnerability in the Call Now Button WordPress plugin allows authenticated attackers with Subsc
7183 | CVE-2025-13177 | 0.05% | 14.4th | 4.3 | | This vulnerability allows attackers to perform cross-site request forgery (CSRF) attacks against Bdt
7184 | CVE-2025-11365 | 0.05% | 14.4th | 6.5 | | This vulnerability allows authenticated attackers with Contributor-level access or higher to perform
7185 | CVE-2025-21752 | 0.05% | 14.3th | 5.5 | | A Linux kernel Btrfs filesystem vulnerability allows corruption of RAID stripe-tree metadata when us
7186 | CVE-2025-39450 | 0.05% | 14.2th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Crocoblock JetTabs WordPress plugin a
7187 | CVE-2026-0649 | 0.05% | 14.4th | 4.7 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in InvoiceNinja's migration im
7188 | CVE-2025-9434 | 0.05% | 14.2th | 4.3 | | This vulnerability allows attackers to inject malicious scripts via the 'desc' parameter in the /adm
7189 | CVE-2025-46517 | 0.05% | 14.2th | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Blog Manager WP WordPress plugin allows
7190 | CVE-2025-9438 | 0.05% | 14.2th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the 'address' parameter of the
7191 | CVE-2024-8082 | 0.05% | 14.3th | 4.3 | | This vulnerability in the Widgets Reset WordPress plugin allows attackers to trick logged-in adminis
7192 | CVE-2025-9439 | 0.05% | 14.2th | 4.3 | | This CVE describes a cross-site scripting (XSS) vulnerability in the 1000projects Online Project Rep
7193 | CVE-2025-8837 | 0.05% | 14.2th | 5.3 | | This CVE describes a use-after-free vulnerability in JasPer's JPEG2000 file handler that could allow
7194 | CVE-2025-9440 | 0.05% | 14.2th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the 'Title' parameter of the /a
7195 | CVE-2025-47475 | 0.05% | 14.2th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in JupiterX Core WordPress plugin allows attack
7196 | CVE-2025-9824 | 0.05% | 14.2th | 5.9 | | This vulnerability allows attackers to determine whether specific usernames exist in a system by mea
7197 | CVE-2025-15355 | 0.05% | 14.4th | 6.1 | | ISOinsight software developed by NetVision Information contains a reflected cross-site scripting (XS
7198 | CVE-2025-47482 | 0.05% | 14.2th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the SKT Skill Bar WordPress plugin allows at
7199 | CVE-2025-40893 | 0.05% | 14.4th | 6.1 | | An unauthenticated attacker can inject HTML into asset attributes by sending crafted network packets
7200 | CVE-2025-11429 | 0.05% | 14.4th | 5.4 | | Keycloak sessions created while 'Remember Me' was enabled retain extended lifetimes even after admin

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
