Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7651 | CVE-2023-36337 | | 13.2th | 6.1 | | This reflected cross-site scripting (XSS) vulnerability in PHP Inventory Management System 1 allows |
| 7652 | CVE-2025-51962 | | 13.3th | 6.1 | | A HTML injection vulnerability in MicroStudio's comment section allows attackers to inject malicious |
| 7653 | CVE-2025-55073 | | 13.2th | 5.4 | | This vulnerability allows attackers to edit arbitrary posts in Mattermost by exploiting an improper |
| 7654 | CVE-2025-4649 | | 13.1th | 4.9 | | A privilege escalation vulnerability in Centreon web allows users with lower privileges to view even |
| 7655 | CVE-2025-5566 | | 13.3th | 6.3 | | This critical vulnerability in PHPGurukul Notice Board System 1.0 allows remote attackers to execute |
| 7656 | CVE-2026-0584 | | 13.2th | 6.3 | | CVE-2026-0584 is a SQL injection vulnerability in code-projects Online Product Reservation System 1. |
| 7657 | CVE-2025-59351 | | 13.2th | 5.3 | | Dragonfly versions before 2.1.0 contain a nil pointer dereference vulnerability where code panics wh |
| 7658 | CVE-2025-64319 | | 13.3th | 5.3 | | This vulnerability allows attackers to manipulate writeable configuration files in Salesforce Muleso |
| 7659 | CVE-2025-55816 | | 13.2th | 6.1 | | HotelDruid v3.0.7 and earlier contains a cross-site scripting (XSS) vulnerability in the /modifica_a |
| 7660 | CVE-2025-24863 | | 13.4th | 6.5 | | This vulnerability in Intel CIP software allows unprivileged authenticated users to potentially acce |
| 7661 | CVE-2025-64192 | | 13.2th | 6.3 | | This CVE describes a Missing Authorization vulnerability in the XStore WordPress theme that allows a |
| 7662 | CVE-2025-64322 | | 13.3th | 5.3 | | This vulnerability allows attackers to manipulate configuration files due to incorrect permission as |
| 7663 | CVE-2025-13873 | | 13.3th | 5.4 | | This stored XSS vulnerability in ObjectPlanet Opinio's survey-import feature allows attackers to inj |
| 7664 | CVE-2025-14183 | | 13.4th | 4.3 | | This vulnerability in SGAI Space1 NAS devices allows remote attackers to retrieve stored credentials |
| 7665 | CVE-2025-41768 | | 13.2th | 5.5 | | A high-privileged remote attacker can inject malicious scripts into custom CSS fields on affected de |
| 7666 | CVE-2025-62247 | | 13.4th | 6.5 | | This vulnerability allows authenticated users in Liferay Portal/DXP to access and select unauthorize |
| 7667 | CVE-2025-62612 | | 13.4th | 5.3 | | CVE-2025-62612 is a Server-Side Request Forgery (SSRF) vulnerability in FastGPT's workflow file read |
| 7668 | CVE-2024-58289 | | 13.3th | 5.4 | | Microweber 2.0.15 contains a stored cross-site scripting vulnerability in user profile fields that a |
| 7669 | CVE-2024-39355 | | 13.3th | 6.5 | | This vulnerability in certain Intel processors allows an authenticated local user to cause a denial |
| 7670 | CVE-2025-53834 | | 13.2th | 6.3 | | A reflected cross-site scripting (XSS) vulnerability in Caido's toast UI component allows attackers |
| 7671 | CVE-2025-5837 | | 13.3th | 6.3 | | A critical SQL injection vulnerability in PHPGurukul Employee Record Management System 1.3 allows re |
| 7672 | CVE-2025-15209 | | 13.2th | 6.3 | | CVE-2025-15209 is a SQL injection vulnerability in the Refugee Food Management System 1.0 that allow |
| 7673 | CVE-2025-13221 | | 13.4th | 5.3 | | This vulnerability in Intelbras UnniTI 24.07.11 allows remote attackers to access plaintext admin cr |
| 7674 | CVE-2025-61074 | | 13.3th | 4.6 | | A stored cross-site scripting (XSS) vulnerability in the adata Software GmbH Mitarbeiter Portal bull |
| 7675 | CVE-2025-13505 | | 13.2th | 4.8 | | This stored XSS vulnerability in Datateam Information Technologies' Datactive software allows attack |
| 7676 | CVE-2025-10660 | | 13.4th | 6.5 | | This SQL injection vulnerability in the WP Dashboard Chat WordPress plugin allows authenticated atta |
| 7677 | CVE-2025-10682 | | 13.4th | 6.5 | | The TARIFFUXX WordPress plugin versions up to 1.4 contain a SQL injection vulnerability that allows |
| 7678 | CVE-2024-42191 | | 13.3th | 6.5 | | HCL Traveler for Microsoft Outlook (HTMO) has a COM hijacking vulnerability that allows attackers to |
| 7679 | CVE-2026-23952 | | 13.4th | 6.5 | | ImageMagick versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL pars |
| 7680 | CVE-2025-12031 | | 13.3th | 5.3 | | This vulnerability allows attackers to read sensitive cookies via JavaScript due to missing Secure a |
| 7681 | CVE-2026-24514 | | 13.3th | 6.5 | | This CVE describes a denial-of-service vulnerability in ingress-nginx's validating admission control |
| 7682 | CVE-2026-2111 | | 13.2th | 4.3 | | JeecgBoot versions up to 3.9.0 contain a path traversal vulnerability in the Retrieval-Augmented Gen |
| 7683 | CVE-2025-15212 | | 13.2th | 6.3 | | This SQL injection vulnerability in Refugee Food Management System 1.0 allows attackers to manipulat |
| 7684 | CVE-2025-47455 | | 13.2th | 4.7 | | This vulnerability allows attackers to redirect users from legitimate WooCommerce/Salesforce integra |
| 7685 | CVE-2024-57601 | | 13.3th | 6.1 | | A cross-site scripting (XSS) vulnerability in EasyAppointments v1.5.0 allows remote attackers to inj |
| 7686 | CVE-2025-8583 | | 13.4th | 4.3 | | This vulnerability in Google Chrome allows attackers to create malicious web pages that spoof legiti |
| 7687 | CVE-2025-69225 | | 13.1th | 5.3 | | AIOHTTP versions 3.13.2 and below contain a parser vulnerability that allows non-ASCII decimal chara |
| 7688 | CVE-2025-10329 | | 13.3th | 6.3 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in cdevroe unmark up to versio |
| 7689 | CVE-2025-55623 | | 13.4th | 5.4 | | This vulnerability allows attackers to bypass the lock screen authentication on Reolink mobile apps |
| 7690 | CVE-2025-47951 | | 13.1th | 4.9 | | Weblate versions before 5.12 lack rate limiting on second-factor authentication endpoints, allowing |
| 7691 | CVE-2025-34080 | | 13.1th | 6.1 | | This vulnerability allows attackers to execute reflected cross-site scripting (XSS) attacks via the |
| 7692 | CVE-2024-13304 | | 13.4th | 4.5 | | A Cross-Site Request Forgery (CSRF) vulnerability in the Drupal Minify JS module allows attackers to |
| 7693 | CVE-2025-15479 | | 13.3th | 5.4 | | Authenticated users with survey creation/edit privileges in NGSurvey Enterprise Edition 3.6.4 can in |
| 7694 | CVE-2025-41705 | | 13.4th | 6.8 | | CVE-2025-41705 allows an unauthenticated attacker positioned as a man-in-the-middle (MITM) to interc |
| 7695 | CVE-2025-5857 | | 13.3th | 6.3 | | This critical SQL injection vulnerability in Patient Record Management System 1.0 allows remote atta |
| 7696 | CVE-2024-39724 | | 13.3th | 5.3 | | This vulnerability in IBM Db2 Big SQL on Cloud Pak for Data allows authenticated users with internal |
| 7697 | CVE-2025-54384 | | 13.3th | 6.3 | | This vulnerability is a cross-site scripting (XSS) flaw in CKAN's helpers.markdown_extract() functio |
| 7698 | CVE-2025-62778 | | 13.3th | 5.3 | | Frappe Learning versions 2.39.1 and earlier contain a direct object reference vulnerability where st |
| 7699 | CVE-2025-53505 | | 13.2th | 5.3 | | Group-Office versions before 6.8.119 and 25.0.20 contain a path traversal vulnerability that allows |
| 7700 | CVE-2025-20287 | | 13.4th | 4.3 | | This vulnerability allows authenticated attackers with Config Managers credentials to upload arbitra |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.