Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7501 | CVE-2025-3960 | | 35.2th | 7.3 | | CVE-2025-3960 is a critical missing authorization vulnerability in withstars Books-Management-System |
| 7502 | CVE-2025-8348 | | 35.2th | 7.3 | | This critical vulnerability in Kehua Charging Pile Cloud Platform 1.0 allows attackers to bypass aut |
| 7503 | CVE-2025-8194 | | 35.2th | 7.5 | | A vulnerability in CPython's tarfile module allows malicious tar archives with negative offsets to c |
| 7504 | CVE-2025-53739 | | 35.3th | 7.8 | | A type confusion vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code |
| 7505 | CVE-2025-54952 | | 35.3th | 9.8 | | An integer overflow vulnerability in ExecuTorch model loading causes insufficient memory allocation, |
| 7506 | CVE-2025-6207 | | 35.1th | 7.5 | | The WP Import Export Lite WordPress plugin allows authenticated users with Subscriber-level access o |
| 7507 | CVE-2025-54815 | | 35.2th | 8.8 | | This CVE describes a server-side template injection vulnerability in PPress CMS version 0.0.9 that a |
| 7508 | CVE-2025-57616 | | 35.2th | 7.5 | | A use-after-free vulnerability in rust-ffmpeg's write_interleaved method allows memory corruption th |
| 7509 | CVE-2025-57612 | | 35.2th | 7.5 | | A null pointer dereference vulnerability in rust-ffmpeg's name() method allows attackers to cause de |
| 7510 | CVE-2025-11238 | | 35.3th | 7.2 | | The Watu Quiz WordPress plugin versions ≤3.4.4 have a stored XSS vulnerability when the 'Save sour |
| 7511 | CVE-2025-58718 | | 35.2th | 8.8 | | This vulnerability is a use-after-free memory corruption flaw in Microsoft Remote Desktop Client tha |
| 7512 | CVE-2025-13540 | | 35.1th | 9.8 | | The Tiare Membership WordPress plugin has a privilege escalation vulnerability that allows unauthent |
| 7513 | CVE-2025-13538 | | 35.1th | 9.8 | | The FindAll Listing plugin for WordPress has a privilege escalation vulnerability that allows unauth |
| 7514 | CVE-2025-12849 | | 35.3th | 5.3 | | The Contest Gallery WordPress plugin has an authorization bypass vulnerability that allows unauthent |
| 7515 | CVE-2025-13559 | | 35.1th | 9.8 | | The EduKart Pro WordPress plugin allows unauthenticated attackers to register accounts with administ |
| 7516 | CVE-2025-13068 | | 35.3th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages |
| 7517 | CVE-2025-11127 | | 35.1th | 9.8 | | This vulnerability allows unauthenticated attackers to hijack user sessions in Mstoreapp WordPress p |
| 7518 | CVE-2025-12160 | | 35.3th | 7.2 | | The Simple User Registration plugin for WordPress has a stored cross-site scripting vulnerability in |
| 7519 | CVE-2025-12777 | | 35.3th | 5.3 | | The YITH WooCommerce Wishlist plugin for WordPress has an authorization bypass vulnerability that al |
| 7520 | CVE-2025-11457 | | 35.1th | 9.8 | | This vulnerability allows unauthenticated attackers to register as administrators on WordPress sites |
| 7521 | CVE-2025-11733 | | 35.3th | 7.2 | | The Footnotes Made Easy WordPress plugin has a stored cross-site scripting vulnerability that allows |
| 7522 | CVE-2025-8900 | | 35.1th | 9.8 | | The Doccure Core WordPress plugin allows unauthenticated attackers to create accounts with administr |
| 7523 | CVE-2025-62753 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper input vali |
| 7524 | CVE-2025-68560 | | 35.2th | 7.5 | | This vulnerability allows remote attackers to include arbitrary PHP files via a filename parameter i |
| 7525 | CVE-2025-68546 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7526 | CVE-2025-68544 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7527 | CVE-2025-68476 | | 35.2th | N/A | | An arbitrary file read vulnerability in KEDA allows attackers with permissions to create or modify T |
| 7528 | CVE-2025-64193 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7529 | CVE-2025-68068 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through the Stockholm WordP |
| 7530 | CVE-2025-68066 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7531 | CVE-2025-68062 | | 35.2th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the MinimogWP WordPress theme. Attack |
| 7532 | CVE-2025-63076 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7533 | CVE-2025-63074 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local PHP files through improper filename control in |
| 7534 | CVE-2025-63003 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7535 | CVE-2025-13542 | | 35.1th | 9.8 | | The DesignThemes LMS WordPress plugin allows unauthenticated attackers to register accounts with adm |
| 7536 | CVE-2025-59695 | | 35.3th | 9.8 | | This vulnerability allows users with root access to the operating system to modify firmware on the C |
| 7537 | CVE-2026-24403 | | 35.2th | 7.1 | | An integer overflow vulnerability in iccDEV's CIccProfile::CheckHeader() function allows attackers t |
| 7538 | CVE-2026-22686 | | 35.2th | 10.0 | | CVE-2026-22686 is a critical sandbox escape vulnerability in enclave-vm that allows untrusted JavaSc |
| 7539 | CVE-2026-22521 | | 35.2th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the G5Theme Handmade Framework WordPr |
| 7540 | CVE-2025-13369 | | 35.1th | 6.1 | | The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to reflected cross-si |
| 7541 | CVE-2025-69356 | | 35.2th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7542 | CVE-2025-69342 | | 35.2th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the VanKarWai Calafate WordPress them |
| 7543 | CVE-2024-13646 | | 35.1th | 8.1 | | The Single-user-chat WordPress plugin has an authorization bypass vulnerability that allows authenti |
| 7544 | CVE-2023-37029 | | 35.1th | 7.5 | | CVE-2023-37029 allows attackers to cause denial of service by sending oversized NAS packets to Magma |
| 7545 | CVE-2025-21514 | | 35th | 5.3 | | This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with ne |
| 7546 | CVE-2025-22717 | | 35.1th | 7.5 | | This CVE describes a missing authorization vulnerability in the My Tickets WordPress plugin that all |
| 7547 | CVE-2025-0590 | | 35.1th | 7.5 | | This vulnerability in the CarlCare mobile application allows unauthorized access to sensitive inform |
| 7548 | CVE-2025-0399 | | 35.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files without restrictions in StarSea |
| 7549 | CVE-2024-13186 | | 35.1th | 7.5 | | The MinigameCenter module has insufficient URL loading restrictions, allowing attackers to load arbi |
| 7550 | CVE-2024-13185 | | 35.1th | 7.5 | | The MinigameCenter module has insufficient URL loading restrictions, allowing attackers to load arbi |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.