Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 701 | CVE-2025-3807 | | 55.1th | 6.3 | | This critical vulnerability in My-BBS 1.0 allows remote attackers to upload arbitrary files without |
| 702 | CVE-2025-3254 | | 55.1th | 6.3 | | This critical vulnerability in xujiangfei admintwo 1.0 allows remote attackers to perform server-sid |
| 703 | CVE-2024-13814 | | 55.1th | 5.4 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex |
| 704 | CVE-2025-14111 | | 55.1th | 5.0 | | This CVE describes a path traversal vulnerability in Rarlab RAR App for Android that allows attacker |
| 705 | CVE-2025-12496 | | 55th | 4.9 | | The Zephyr Project Manager WordPress plugin has a directory traversal vulnerability that allows auth |
| 706 | CVE-2025-3203 | | 54.9th | 4.3 | | This vulnerability in Tenda W18E routers allows remote attackers to trigger a stack-based buffer ove |
| 707 | CVE-2026-1064 | | 55th | 4.7 | | This vulnerability allows remote attackers to execute arbitrary commands on Bastillion systems throu |
| 708 | CVE-2026-1063 | | 55th | 4.7 | | This CVE describes a command injection vulnerability in Bastillion's Public Key Management System th |
| 709 | CVE-2026-2000 | | 55th | 4.7 | | This vulnerability allows remote attackers to execute arbitrary commands on DCN DCME-320 devices thr |
| 710 | CVE-2025-24192 | | 54.9th | 6.5 | | A script imports isolation vulnerability in Apple WebKit allows malicious websites to bypass securit |
| 711 | CVE-2025-3268 | | 54.9th | 5.3 | | This vulnerability allows remote attackers to bypass authentication mechanisms in TinyWebServer by m |
| 712 | CVE-2025-36625 | | 54.7th | 4.3 | | This vulnerability allows unauthenticated attackers to manipulate Nessus logging entries by sending |
| 713 | CVE-2025-3410 | | 54.7th | 6.3 | | This critical vulnerability in mymagicpower AIAS allows remote attackers to upload arbitrary files w |
| 714 | CVE-2025-2833 | | 54.6th | 5.3 | | This vulnerability in OneBlog up to version 2.3.9 allows remote attackers to cause denial of service |
| 715 | CVE-2025-26182 | | 54.4th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary code on systems running xxyopen nove |
| 716 | CVE-2025-3783 | | 54.4th | 6.3 | | This critical vulnerability in SourceCodester Web-based Pharmacy Product Management System 1.0 allow |
| 717 | CVE-2025-30710 | | 54.4th | 4.9 | | This vulnerability in Oracle MySQL Cluster allows high-privileged attackers with network access to c |
| 718 | CVE-2025-30696 | | 54.4th | 4.9 | | This vulnerability in Oracle MySQL Server's Prepared Statements component allows high-privileged att |
| 719 | CVE-2025-30684 | | 54.4th | 4.9 | | This vulnerability in MySQL Server's replication component allows high-privileged attackers with net |
| 720 | CVE-2025-21585 | | 54.4th | 4.9 | | This vulnerability in MySQL Server's optimizer component allows high-privileged attackers with netwo |
| 721 | CVE-2025-21583 | | 54.4th | 4.9 | | This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to ca |
| 722 | CVE-2025-21581 | | 54.4th | 4.9 | | This vulnerability in MySQL Server's optimizer component allows high-privileged attackers with netwo |
| 723 | CVE-2025-21579 | | 54.4th | 4.9 | | This vulnerability in MySQL Server allows high-privileged attackers with network access to cause a d |
| 724 | CVE-2025-3535 | | 54.4th | 4.3 | | This vulnerability in shuanx BurpAPIFinder allows remote attackers to cause denial of service by man |
| 725 | CVE-2025-60676 | | 54.3th | 6.5 | | This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on D-Link D |
| 726 | CVE-2025-60673 | | 54.3th | 6.5 | | This CVE describes an unauthenticated command injection vulnerability in D-Link DIR-878A1 router fir |
| 727 | CVE-2023-53907 | | 54.3th | 6.5 | | CVE-2023-53907 is an authenticated file download vulnerability in Bludit's Backup Plugin that allows |
| 728 | CVE-2023-51309 | | 54.3th | 4.3 | | This vulnerability in PHPJabbers Car Park Booking System allows attackers to send excessive emails t |
| 729 | CVE-2024-53851 | | 54.2th | 4.3 | | This vulnerability in Discourse allows authenticated users to send excessive URL requests to the inl |
| 730 | CVE-2025-29770 | | 54.3th | 6.5 | | This vulnerability in vLLM's outlines library cache allows denial of service attacks. A malicious us |
| 731 | CVE-2025-14908 | | 54.2th | 6.3 | | CVE-2025-14908 is an authentication bypass vulnerability in JeecgBoot's multi-tenant management modu |
| 732 | CVE-2025-1973 | | 54.2th | 4.9 | | This vulnerability in the Export and Import Users and Customers WordPress plugin allows authenticate |
| 733 | CVE-2024-49200 | | 54.2th | 6.4 | | This vulnerability allows attackers to perform arbitrary writes in DXE memory by manipulating NVRAM |
| 734 | CVE-2025-30726 | | 54.2th | 5.3 | | This vulnerability in Oracle Application Object Library allows unauthenticated attackers with networ |
| 735 | CVE-2025-21262 | | 54.1th | 5.4 | | This vulnerability allows an attacker to spoof UI elements in Microsoft Edge, potentially tricking u |
| 736 | CVE-2025-30821 | | 54.1th | 5.3 | | This CVE describes a missing authorization vulnerability in the SNORDIAN's H5PxAPIkatchu WordPress p |
| 737 | CVE-2024-10812 | | 54.1th | 6.1 | | An open redirect vulnerability in binary-husky/gpt_academic version 3.83 allows attackers to redirec |
| 738 | CVE-2025-32256 | | 54.1th | 5.3 | | CVE-2025-32256 is a missing authorization vulnerability in SurveyJS that allows attackers to access |
| 739 | CVE-2025-24235 | | 54th | 5.5 | | A memory initialization vulnerability in macOS allows remote attackers to cause application crashes |
| 740 | CVE-2025-62392 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 741 | CVE-2025-62391 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 742 | CVE-2025-62390 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 743 | CVE-2025-62389 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 744 | CVE-2025-62388 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 745 | CVE-2025-62387 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 746 | CVE-2025-62386 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 747 | CVE-2025-62385 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 748 | CVE-2025-62384 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 749 | CVE-2025-62383 | | 54th | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 750 | CVE-2025-30670 | | 54th | 6.5 | | A null pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated use |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.