Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Flags	Summary
701	CVE-2024-13182	0.67%	70.8th	9.8		The WP Directorybox Manager WordPress plugin has an authentication bypass vulnerability that allows
702	CVE-2025-1515	0.67%	70.8th	9.8		The WP Real Estate Manager WordPress plugin has an authentication bypass vulnerability that allows u
703	CVE-2025-28236	0.67%	70.8th	9.8		This vulnerability allows remote attackers to execute arbitrary code on Nautel VX Series transmitter
704	CVE-2025-6895	0.67%	70.8th	9.8		The Melapress Login Security WordPress plugin versions 2.1.0 to 2.1.1 contain an authentication bypa
705	CVE-2025-3917	0.67%	70.7th	9.8		This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress sites usi
706	CVE-2025-57432	0.66%	70.7th	9.8		Blackmagic Web Presenter version 3.3 exposes an unauthenticated Telnet service on port 9977, allowin
707	CVE-2025-15467	0.66%	70.7th	9.8		This vulnerability allows attackers to trigger a stack buffer overflow by sending maliciously crafte
708	CVE-2025-54386	0.66%	70.7th	9.8		A path traversal vulnerability in Traefik's WASM plugin installation mechanism allows attackers to o
709	CVE-2025-34271	0.66%	70.7th	9.8		Nagios Log Server versions before 2024R2.0.2 transmit cluster credentials over unencrypted channels
710	CVE-2025-24249	0.66%	70.6th	9.8		This CVE describes a macOS sandbox bypass vulnerability that allows malicious applications to check
711	CVE-2025-24207	0.66%	70.6th	9.8		This CVE describes a macOS permissions vulnerability where malicious applications can enable iCloud
712	CVE-2025-24181	0.66%	70.6th	9.8		A permissions vulnerability in macOS allows applications to bypass security restrictions and access
713	CVE-2025-6441	0.65%	70.4th	9.8		This vulnerability allows unauthenticated attackers to generate login tokens for arbitrary WordPress
714	CVE-2025-6187	0.65%	70.4th	9.8		The bSecure WordPress plugin versions 1.3.7 through 1.7.9 have an authentication bypass vulnerabilit
715	CVE-2025-24178	0.65%	70.4th	9.8		This vulnerability allows a malicious app to escape its sandbox restrictions on affected Apple opera
716	CVE-2025-24195	0.65%	70.2th	9.8		An integer overflow vulnerability in macOS allows local users to elevate privileges by exploiting im
717	CVE-2025-29331	0.65%	70.2th	9.8		A critical vulnerability in MHSanaei 3x-ui management panel allows remote attackers to execute arbit
718	CVE-2025-24167	0.64%	70.1th	9.8		This vulnerability in Apple's Safari browser and related operating systems allows attackers to misre
719	CVE-2025-45238	0.64%	70.1th	9.1		FoxCMS v1.2.5 contains an arbitrary file deletion vulnerability in the delRestoreSerie method that a
720	CVE-2025-45800	0.64%	70.1th	9.8		This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A950RG routers
721	CVE-2025-10585	0.64%	70.1th	9.8	KEV	A type confusion vulnerability in Chrome's V8 JavaScript engine allows attackers to trigger heap cor
722	CVE-2025-50989	0.64%	70.1th	9.1		CVE-2025-50989 is an authenticated command injection vulnerability in OPNsense firewall software tha
723	CVE-2025-54802	0.64%	70.1th	9.8		This vulnerability in pyLoad allows unauthenticated attackers to perform path traversal via the addc
724	CVE-2024-12822	0.64%	70th	9.8		The Media Manager for UserPro WordPress plugin has an authentication bypass vulnerability that allow
725	CVE-2024-8420	0.64%	70th	9.8		The DHVC Form WordPress plugin has a privilege escalation vulnerability that allows unauthenticated
726	CVE-2024-12860	0.64%	70th	9.8		This vulnerability allows unauthenticated attackers to reset passwords for any user account in CarSp
727	CVE-2024-12213	0.64%	70th	9.8		The WP Job Board Pro WordPress plugin has a critical privilege escalation vulnerability that allows
728	CVE-2024-13446	0.64%	70th	9.8		The Workreap WordPress plugin allows unauthenticated attackers to take over any user account, includ
729	CVE-2024-12876	0.64%	70th	9.8		This vulnerability allows unauthenticated attackers to change any WordPress user's password, includi
730	CVE-2024-56180	0.64%	69.9th	9.8		This vulnerability allows attackers to achieve remote code execution on Apache EventMesh servers by
731	CVE-2023-47029	0.64%	70th	9.8		CVE-2023-47029 is a critical vulnerability in NCR Terminal Handler v1.5.1 that allows remote attacke
732	CVE-2025-41723	0.64%	69.9th	9.8		CVE-2025-41723 is a critical directory traversal vulnerability in the importFile SOAP method that al
733	CVE-2025-28100	0.63%	69.9th	9.8		A SQL injection vulnerability in dingfanzuCMS v1.0 allows attackers to execute arbitrary SQL command
734	CVE-2025-11900	0.63%	69.8th	9.8		CVE-2025-11900 is an unauthenticated remote OS command injection vulnerability in HGiga's iSherlock
735	CVE-2025-66261	0.63%	69.8th	9.8		This CVE describes an unauthenticated OS command injection vulnerability in DB Electronica Telecomun
736	CVE-2025-66253	0.63%	69.8th	9.8		This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o
737	CVE-2025-13284	0.63%	69.8th	9.8		ThinPLUS software contains an OS command injection vulnerability that allows unauthenticated remote
738	CVE-2025-64539	0.63%	69.8th	9.3		Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulner
739	CVE-2025-64538	0.63%	69.8th	9.3		Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulner
740	CVE-2025-64537	0.63%	69.8th	9.3		Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulner
741	CVE-2025-30364	0.63%	69.8th	9.8		A SQL injection vulnerability in WeGIA versions before 3.2.8 allows attackers to execute arbitrary S
742	CVE-2025-4660	0.63%	69.8th	9.8		This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Windows syst
743	CVE-2024-56158	0.63%	69.8th	9.8		This vulnerability allows authenticated XWiki users to execute arbitrary SQL queries on Oracle datab
744	CVE-2025-23123	0.63%	69.8th	10.0		A heap buffer overflow vulnerability in UniFi Protect Camera firmware allows remote code execution.
745	CVE-2024-54852	0.63%	69.7th	9.8		This LDAP injection vulnerability in Teedy allows unauthenticated attackers to manipulate LDAP queri
746	CVE-2025-8723	0.63%	69.7th	9.8		This vulnerability allows unauthenticated attackers to execute arbitrary PHP code on WordPress sites
747	CVE-2025-13915	0.63%	69.7th	9.8		This authentication bypass vulnerability in IBM API Connect allows remote attackers to gain unauthor
748	CVE-2026-21854	0.63%	69.7th	9.8		An authentication bypass vulnerability in Tarkov Data Manager allows unauthenticated attackers to ga
749	CVE-2025-57141	0.62%	69.7th	9.8		CVE-2025-57141 is a critical SQL injection vulnerability in rsbi-os 4.7's sqlite-jdbc component that
750	CVE-2025-27554	0.62%	69.6th	9.9		This vulnerability allows remote attackers to execute arbitrary commands on ToDesktop build servers

← Previous Page 15 of 70 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free