Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7701 | CVE-2025-3863 | | 13.4th | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ab |
| 7702 | CVE-2025-62793 | | 13.3th | 6.8 | | eLabFTW versions before 5.3.0 serve uploaded SVG files inline without proper sanitization, allowing |
| 7703 | CVE-2025-5692 | | 13.4th | 6.3 | | The Lead Form Data Collection to CRM WordPress plugin has a missing capability check vulnerability t |
| 7704 | CVE-2025-0652 | | 13.2th | 4.3 | | This CVE describes an information disclosure vulnerability in GitLab EE/CE that allows unauthorized |
| 7705 | CVE-2025-34173 | | 13.3th | 4.3 | | This vulnerability allows authenticated attackers with Snort package permissions to perform director |
| 7706 | CVE-2025-49222 | | 13.2th | 6.8 | | This vulnerability allows system administrators in Mattermost to upload non-attachment file types vi |
| 7707 | CVE-2025-5614 | | 13.3th | 6.3 | | This critical SQL injection vulnerability in PHPGurukul Online Fire Reporting System 1.2 allows atta |
| 7708 | CVE-2026-20029 | | 13.2th | 4.9 | | An XML External Entity (XXE) vulnerability in Cisco ISE and ISE-PIC allows authenticated administrat |
| 7709 | CVE-2026-23831 | | 13.2th | 5.3 | | This CVE describes a nil pointer dereference vulnerability in Rekor's entry implementation that can |
| 7710 | CVE-2025-24179 | | 13.2th | 5.7 | | This CVE describes a null pointer dereference vulnerability in multiple Apple operating systems that |
| 7711 | CVE-2025-68463 | | 13.2th | 4.9 | | This vulnerability in Biopython's Bio.Entrez module allows XML External Entity (XXE) attacks through |
| 7712 | CVE-2025-47184 | | 13.1th | 5.3 | | An authenticated attacker can exploit an XML external entities (XXE) injection vulnerability in Exag |
| 7713 | CVE-2025-31197 | | 13.2th | 5.7 | | This vulnerability allows an attacker on the same local network to cause unexpected application term |
| 7714 | CVE-2025-12808 | | 13.4th | 6.5 | | An improper access control vulnerability in Devolutions Server allows users with 'View-only' permiss |
| 7715 | CVE-2025-55824 | | 13.4th | 6.5 | | ModStartCMS v9.5.0 contains an arbitrary file write vulnerability that allows attackers to upload ma |
| 7716 | CVE-2025-2556 | | 13.3th | 4.3 | | The Audi UTR Dashcam 2.0 contains hard-coded credentials in its Video Stream Handler component, allo |
| 7717 | CVE-2025-54341 | | 13.4th | 5.3 | | This vulnerability involves hard-coded configuration values in Desktop Alert PingAlert's Application |
| 7718 | CVE-2024-13073 | | 13.3th | 4.7 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in Akinsoft TaskPano software where us |
| 7719 | CVE-2025-47789 | | 13.2th | 6.1 | | This is an open redirect vulnerability in Horilla HRMS that allows attackers to craft URLs that redi |
| 7720 | CVE-2025-30100 | | 13.2th | 6.7 | | Dell Alienware Command Center versions before 6.7.37.0 have an improper access control vulnerability |
| 7721 | CVE-2025-34176 | | 13.3th | 4.3 | | This vulnerability allows authenticated attackers with 'WebCfg - Services: suricata package' permiss |
| 7722 | CVE-2025-34236 | | 13.2th | 5.4 | | Advantech WebAccess/VPN versions before 1.1.5 contain a stored cross-site scripting vulnerability in |
| 7723 | CVE-2025-13251 | | 13.3th | 6.3 | | This CVE describes a SQL injection vulnerability in WeiYe-Jing datax-web versions up to 2.1.2. Attac |
| 7724 | CVE-2025-3880 | | 13.4th | 4.3 | | This vulnerability in the Poll, Survey & Quiz Maker Plugin by Opinion Stage for WordPress allows aut |
| 7725 | CVE-2025-10453 | | 13.4th | 5.3 | | O'View MapServer developed by PilotGaea Technologies has a Server-Side Request Forgery (SSRF) vulner |
| 7726 | CVE-2025-0274 | | 13.3th | 5.3 | | CVE-2025-0274 is an improper access control vulnerability in HCL BigFix Modern Client Management (MC |
| 7727 | CVE-2025-0275 | | 13.3th | 5.3 | | HCL BigFix Mobile versions 3.3 and earlier have an improper access control vulnerability that allows |
| 7728 | CVE-2025-3440 | | 13.4th | 5.5 | | IBM Security Guardium 11.5 contains a stored cross-site scripting (XSS) vulnerability that allows pr |
| 7729 | CVE-2025-28172 | | 13.3th | 6.5 | | Grandstream UCM6510 PBX systems running firmware v1.0.20.52 and earlier lack rate limiting on authen |
| 7730 | CVE-2025-5654 | | 13.3th | 6.3 | | This critical SQL injection vulnerability in PHPGurukul Complaint Management System 2.0 allows attac |
| 7731 | CVE-2025-33110 | | 13.2th | 5.4 | | IBM OpenPages versions 9.0 and 9.1 with Watson are vulnerable to HTML injection, allowing attackers |
| 7732 | CVE-2025-6725 | | 13.2th | 5.4 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in Telerik's PdfViewer component acros |
| 7733 | CVE-2025-5656 | | 13.3th | 6.3 | | This critical SQL injection vulnerability in PHPGurukul Complaint Management System 2.0 allows remot |
| 7734 | CVE-2025-10175 | | 13.4th | 6.5 | | The WP Links Page WordPress plugin contains a SQL injection vulnerability in the 'id' parameter that |
| 7735 | CVE-2026-1042 | | 13.2th | 4.4 | | The WP Hello Bar WordPress plugin has a stored XSS vulnerability in all versions up to 1.02. Authent |
| 7736 | CVE-2026-22913 | | 13.2th | 4.3 | | This vulnerability allows attackers to inject malicious scripts via URL parameters, which execute in |
| 7737 | CVE-2024-32388 | | 13.4th | 5.3 | | A firewall misconfiguration in Kerlink devices running KerOS prior to version 5.12 allows attackers |
| 7738 | CVE-2025-47644 | | 13.2th | 4.7 | | This CVE describes an open redirect vulnerability in the 'Integrations of Zoho CRM with Elementor fo |
| 7739 | CVE-2025-40834 | | 13.3th | 5.7 | | A cross-site scripting (XSS) vulnerability exists in Mendix RichText widget versions 4.0.0 through 4 |
| 7740 | CVE-2025-10652 | | 13.4th | 6.5 | | This SQL injection vulnerability in the Robcore Netatmo WordPress plugin allows authenticated attack |
| 7741 | CVE-2024-25814 | | 13.2th | 6.1 | | MyNET up to v26.05 contains a reflected cross-site scripting (XSS) vulnerability in the msg paramete |
| 7742 | CVE-2025-46399 | | 13.3th | 5.5 | | A NULL pointer dereference vulnerability exists in fig2dev's genge_itp_spline function, allowing loc |
| 7743 | CVE-2024-35321 | | 13.1th | 4.3 | | MyNET up to v26.08 contains a reflected cross-site scripting (XSS) vulnerability in the msgtipo para |
| 7744 | CVE-2025-5674 | | 13.3th | 6.3 | | CVE-2025-5674 is a critical SQL injection vulnerability in the Patient Record Management System 1.0 |
| 7745 | CVE-2025-66601 | | 13.2th | 6.1 | | A content sniffing vulnerability in Yokogawa's FAST/TOOLS software allows attackers to execute malic |
| 7746 | CVE-2024-25812 | | 13.2th | 6.1 | | MyNET up to version 26.05 contains a reflected cross-site scripting (XSS) vulnerability in the src p |
| 7747 | CVE-2025-9395 | | 13.2th | 6.3 | | This vulnerability in wangsongyan wblog 0.0.1 allows remote attackers to perform server-side request |
| 7748 | CVE-2025-67290 | | 13.2th | 6.1 | | A stored cross-site scripting vulnerability in Piranha CMS v12.1 allows attackers to inject maliciou |
| 7749 | CVE-2025-67291 | | 13.2th | 6.1 | | A stored cross-site scripting vulnerability in Piranha CMS v12.1 allows attackers to inject maliciou |
| 7750 | CVE-2025-66607 | | 13.2th | 5.3 | | This vulnerability in Yokogawa FAST/TOOLS involves insecure response header settings that could allo |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.