Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
7651 | CVE-2025-2089 | 0.14% | 34.8th | 5.4 | | This vulnerability in StarSea99 starsea-mall allows attackers to bypass access controls and modify u
7652 | CVE-2025-39399 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7653 | CVE-2025-39391 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7654 | CVE-2025-39387 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7655 | CVE-2025-39378 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7656 | CVE-2025-39360 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7657 | CVE-2025-32921 | 0.14% | 34.8th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
7658 | CVE-2025-1534 | 0.14% | 34.8th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in Payara Server, allowing attackers t
7659 | CVE-2025-27528 | 0.14% | 34.8th | 9.1 | | This vulnerability allows attackers to exploit insecure deserialization in Apache InLong's JDBC comp
7660 | CVE-2025-32925 | 0.14% | 34.8th | 8.3 | | This vulnerability allows attackers to include local files on the server through improper filename c
7661 | CVE-2024-45516 | 0.14% | 34.8th | 6.1 | | A Cross-Site Scripting (XSS) vulnerability in Zimbra Collaboration's Classic UI allows attackers to
7662 | CVE-2025-32975 | 0.14% | 34.7th | 10.0 | | This CVE describes an authentication bypass vulnerability in Quest KACE Systems Management Appliance
7663 | CVE-2025-23100 | 0.14% | 34.7th | 7.5 | | A NULL pointer dereference vulnerability in Samsung Exynos mobile processors allows attackers to cau
7664 | CVE-2023-45584 | 0.14% | 34.8th | 6.6 | | A double free vulnerability in multiple Fortinet products allows privileged attackers to execute arb
7665 | CVE-2025-10891 | 0.14% | 34.7th | 8.8 | | An integer overflow vulnerability in Chrome's V8 JavaScript engine allows remote attackers to trigge
7666 | CVE-2025-43347 | 0.14% | 34.7th | 9.8 | | An input validation vulnerability in Apple operating systems allows attackers to execute arbitrary c
7667 | CVE-2025-54376 | 0.14% | 34.7th | 7.5 | | Hoverfly versions 1.11.3 and prior have an authentication bypass vulnerability in the admin WebSocke
7668 | CVE-2025-60834 | 0.14% | 34.8th | 6.5 | | A deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code by
7669 | CVE-2025-43727 | 0.14% | 34.8th | 7.5 | | An authentication bypass vulnerability in Dell PowerProtect Data Domain's RestAPI allows unauthentic
7670 | CVE-2024-58336 | 0.14% | 34.8th | 5.3 | | Akuvox Smart Intercom S539 devices contain an unauthenticated vulnerability that allows remote attac
7671 | CVE-2025-66429 | 0.14% | 34.7th | 8.8 | | A directory traversal vulnerability in cPanel's Team Manager API allows attackers to overwrite arbit
7672 | CVE-2025-11837 | 0.14% | 34.7th | 9.8 | | This critical vulnerability in Malware Remover allows remote attackers to bypass security protection
7673 | CVE-2026-25056 | 0.14% | 34.7th | 8.8 | | This vulnerability in n8n's Merge node allows authenticated users with workflow creation/modificatio
7674 | CVE-2025-58382 | 0.14% | 34.8th | 7.2 | | This vulnerability in Brocade Fabric OS allows authenticated remote attackers with administrative cr
7675 | CVE-2024-40693 | 0.14% | 34.7th | 8.0 | | IBM Planning Analytics 2.0 and 2.1 have a file upload vulnerability that allows attackers to upload
7676 | CVE-2024-25034 | 0.14% | 34.7th | 8.0 | | IBM Planning Analytics 2.0 and 2.1 have a file upload vulnerability in the File Manager T1 process t
7677 | CVE-2025-22980 | 0.14% | 34.7th | 6.7 | | A SQL injection vulnerability in SLiMS 9 Bulian 9.6.1 allows attackers to execute arbitrary SQL comm
7678 | CVE-2025-0580 | 0.14% | 34.6th | 5.6 | | This CVE describes an authorization bypass vulnerability in Shiprocket Module 3 for OpenCart. Attack
7679 | CVE-2025-0545 | 0.14% | 34.5th | 4.7 | | This Cross-Site Scripting (XSS) vulnerability in Tekrom Technology T-Soft E-Commerce allows attacker
7680 | CVE-2024-13528 | 0.14% | 34.6th | 7.5 | | The Customer Email Verification for WooCommerce WordPress plugin has an authentication bypass vulner
7681 | CVE-2025-1084 | 0.14% | 34.6th | 4.3 | | This vulnerability allows attackers to perform Cross-Site Request Forgery (CSRF) attacks against Min
7682 | CVE-2025-31624 | 0.14% | 34.7th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the LABCAT Processing Projects WordPress
7683 | CVE-2025-31621 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the byBrick Accordion WordPress plugin allow
7684 | CVE-2025-31614 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Terms Before Download plugin a
7685 | CVE-2025-31608 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the CookieHint WP WordPress plugin allows at
7686 | CVE-2025-31604 | 0.14% | 34.7th | 6.5 | | This vulnerability allows attackers to inject malicious scripts into Cal.com web pages, which execut
7687 | CVE-2025-31597 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Ultimate Live Cricket WordPress Lite plu
7688 | CVE-2025-31595 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Timeline Event History plugin
7689 | CVE-2025-31592 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Send E-mail plugin allows atta
7690 | CVE-2025-31590 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WP Date and Time Shortcode WordPress plu
7691 | CVE-2025-31586 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the GhozyLab Gallery – Photo Albums WordPr
7692 | CVE-2025-31567 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Themesflat Addons For Elementor WordPres
7693 | CVE-2025-31559 | 0.14% | 34.7th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in Caspio Bridge Custom Database Application
7694 | CVE-2025-31556 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the IMPress for IDX Broker WordPress plugin
7695 | CVE-2025-31549 | 0.14% | 34.7th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Agency Dominion Inc. Fusion WordPress
7696 | CVE-2025-31543 | 0.14% | 34.7th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Twice Commerce WordPress plugin allow
7697 | CVE-2025-31535 | 0.14% | 34.7th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Simple Owl Carousel WordPress plugin
7698 | CVE-2025-31532 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the AtomChat WordPress plugin allows attacke
7699 | CVE-2025-30963 | 0.14% | 34.7th | 6.5 | | This DOM-based cross-site scripting vulnerability in Crocoblock's JetSmartFilters WordPress plugin a
7700 | CVE-2025-30961 | 0.14% | 34.7th | 6.5 | | This DOM-based cross-site scripting (XSS) vulnerability in the Trackserver WordPress plugin allows a

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, making it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
