Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7401 | CVE-2025-21519 | | 35.5th | 4.4 | | This vulnerability in Oracle MySQL Server's privilege management component allows high-privileged at |
| 7402 | CVE-2025-23041 | | 35.5th | 5.8 | | Umbraco.Forms has a vulnerability where character limits for form fields are only enforced client-si |
| 7403 | CVE-2025-0176 | | 35.4th | 6.3 | | This critical SQL injection vulnerability in code-projects Point of Sales and Inventory Management S |
| 7404 | CVE-2024-13846 | | 35.4th | 4.9 | | The Indeed Ultimate Learning Pro WordPress plugin contains a time-based SQL injection vulnerability |
| 7405 | CVE-2025-24419 | | 35.5th | 4.3 | | CVE-2025-24419 is an incorrect authorization vulnerability in Adobe Commerce that allows low-privile |
| 7406 | CVE-2024-54015 | | 35.5th | 7.5 | | This vulnerability allows an unauthenticated remote attacker to retrieve sensitive information from |
| 7407 | CVE-2024-42207 | | 35.5th | 5.5 | | HCL iAutomate has a session fixation vulnerability where an attacker can hijack a user's authenticat |
| 7408 | CVE-2021-26091 | | 35.4th | 7.5 | | This vulnerability allows unauthenticated attackers to infer parts of user authentication tokens due |
| 7409 | CVE-2024-28803 | | 35.5th | 6.1 | | This cross-site scripting (XSS) vulnerability in Italtel's i-MCS NFV software allows unauthenticated |
| 7410 | CVE-2025-25620 | | 35.5th | 5.4 | | Unifiedtransform 2.0 contains a cross-site scripting vulnerability in the Create Assignment function |
| 7411 | CVE-2025-2038 | | 35.4th | 7.3 | | This critical vulnerability in Blood Bank Management System 1.0 allows remote attackers to access di |
| 7412 | CVE-2025-45011 | | 35.5th | 5.3 | | A HTML injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote att |
| 7413 | CVE-2025-45009 | | 35.5th | 5.3 | | A HTML injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote att |
| 7414 | CVE-2025-28028 | | 35.5th | 7.3 | | A buffer overflow vulnerability in TOTOLINK routers' downloadFile.cgi component allows attackers to |
| 7415 | CVE-2025-28022 | | 35.5th | 7.3 | | This CVE describes a buffer overflow vulnerability in TOTOLINK A810R routers through the downloadFil |
| 7416 | CVE-2025-28020 | | 35.5th | 7.3 | | This CVE describes a buffer overflow vulnerability in TOTOLINK A800R routers through the downloadFil |
| 7417 | CVE-2025-24859 | | 35.4th | 8.8 | | Apache Roller versions up to 6.1.4 have a session management vulnerability where active user session |
| 7418 | CVE-2023-41076 | | 35.5th | 7.3 | | This macOS privilege escalation vulnerability allows malicious applications to gain elevated system |
| 7419 | CVE-2025-2260 | | 35.5th | 7.5 | | This vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to cause denial of ser |
| 7420 | CVE-2025-2258 | | 35.5th | 7.5 | | This vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to cause integer under |
| 7421 | CVE-2025-48134 | | 35.5th | 7.2 | | This vulnerability allows attackers to inject malicious objects through deserialization of untrusted |
| 7422 | CVE-2025-47683 | | 35.5th | 7.2 | | This vulnerability allows attackers to inject malicious PHP objects through deserialization of untru |
| 7423 | CVE-2025-47629 | | 35.5th | 7.2 | | This vulnerability allows attackers to inject malicious objects through deserialization of untrusted |
| 7424 | CVE-2025-0853 | | 35.4th | 7.5 | | The PGS Core WordPress plugin contains an SQL injection vulnerability in the 'save_header_builder' f |
| 7425 | CVE-2025-6616 | | 35.5th | 8.8 | | This critical vulnerability in D-Link DIR-619L routers allows remote attackers to execute arbitrary |
| 7426 | CVE-2025-6614 | | 35.5th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-619L routers allows remote attack |
| 7427 | CVE-2025-6291 | | 35.5th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-825 router's HTTP POST request ha |
| 7428 | CVE-2025-6114 | | 35.5th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-619L routers allows remote attack |
| 7429 | CVE-2025-40568 | | 35.5th | 4.3 | | This vulnerability allows authenticated remote attackers with 'guest' role privileges to terminate l |
| 7430 | CVE-2024-42646 | | 35.5th | 7.5 | | A segmentation fault vulnerability in NanoMQ v0.21.10 allows attackers to cause Denial of Service (D |
| 7431 | CVE-2025-54250 | | 35.5th | 4.9 | | Adobe Experience Manager versions 6.5.23.0 and earlier contain an improper input validation vulnerab |
| 7432 | CVE-2025-49921 | | 35.5th | 7.3 | | This vulnerability allows attackers to include local PHP files through improper filename control in |
| 7433 | CVE-2025-60641 | | 35.5th | 6.5 | | This vulnerability allows attackers to execute arbitrary code on systems running Vfront 0.99.52 by e |
| 7434 | CVE-2025-40765 | | 35.5th | 9.8 | | An information disclosure vulnerability in TeleControl Server Basic V3.1 allows unauthenticated remo |
| 7435 | CVE-2025-65112 | | 35.5th | 9.4 | | PubNet versions before 1.1.3 allow unauthenticated attackers to upload packages as any user by manip |
| 7436 | CVE-2025-12580 | | 35.4th | 6.1 | | The SMS for WordPress plugin has a reflected cross-site scripting (XSS) vulnerability in the 'paged' |
| 7437 | CVE-2025-68929 | | 35.5th | 9.0 | | This vulnerability allows authenticated Frappe users with specific permissions to be tricked into cl |
| 7438 | CVE-2025-15180 | | 35.5th | 7.2 | | A stack-based buffer overflow vulnerability in Tenda WH450 routers allows remote attackers to execut |
| 7439 | CVE-2025-63390 | | 35.5th | 5.3 | | An authentication bypass vulnerability in AnythingLLM v1.8.5 allows unauthenticated attackers to enu |
| 7440 | CVE-2024-29370 | | 35.5th | 5.3 | | This vulnerability in python-jose 3.3.0 allows attackers to cause Denial-of-Service (DoS) by sending |
| 7441 | CVE-2025-13513 | | 35.4th | 6.1 | | The Clik stats WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability that a |
| 7442 | CVE-2026-25722 | | 35.5th | 9.1 | | CVE-2026-25722 is a directory traversal vulnerability in Claude Code that allows attackers to bypass |
| 7443 | CVE-2026-1202 | | 35.5th | 7.3 | | This vulnerability allows remote attackers to bypass authentication in CRMEB systems by manipulating |
| 7444 | CVE-2026-0521 | | 35.4th | 6.1 | | A reflected cross-site scripting vulnerability in TYDAC AG MAP+ allows unauthenticated attackers to |
| 7445 | CVE-2025-0791 | | 35.4th | 6.3 | | CVE-2025-0791 is a critical SQL injection vulnerability in ESAFENET CDG V5's /sdDoneDetail.jsp endpo |
| 7446 | CVE-2024-50697 | | 35.3th | 8.1 | | This vulnerability allows remote attackers to execute arbitrary code on SunGrow WiNet-SV200 devices |
| 7447 | CVE-2023-37039 | | 35.3th | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 7448 | CVE-2025-21560 | | 35.4th | 6.5 | | This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges |
| 7449 | CVE-2025-21552 | | 35.4th | 6.5 | | This vulnerability in Oracle JD Edwards EnterpriseOne Orchestrator allows authenticated attackers wi |
| 7450 | CVE-2024-55958 | | 35.4th | 4.8 | | This vulnerability allows cross-site scripting (XSS) attacks in Northern.tech CFEngine Enterprise Mi |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.