Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- EPSS > 50%: 164
- CISA KEV listed: 156
- CVEs with EPSS: 35,468
- Average EPSS score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 7801 | CVE-2025-31812 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the BuddyPress Members Only WordPress plugin |
| 7802 | CVE-2025-31804 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Follow Us Badges plugin allows |
| 7803 | CVE-2025-31797 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the BoldGrid Sprout Clients WordPress plugin |
| 7804 | CVE-2025-31778 | 0.14% | 34.7th | 6.5 | | This Cross-site Scripting (XSS) vulnerability in the WordPress Donate Me plugin allows attackers to |
| 7805 | CVE-2025-31770 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Content Manager Light WordPress plugin a |
| 7806 | CVE-2025-31767 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Post Custom Templates Lite WordPress plu |
| 7807 | CVE-2025-31761 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the DEJAN Hypotext WordPress plugin allows a |
| 7808 | CVE-2025-31759 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the BooSpot Boo Recipes WordPress plugin all |
| 7809 | CVE-2025-31754 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the DobsonDev Shortcodes WordPress plugin al |
| 7810 | CVE-2025-31749 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the HMH Footer Builder For Elementor WordPre |
| 7811 | CVE-2025-31747 | 0.14% | 34.7th | 6.5 | | A DOM-based cross-site scripting (XSS) vulnerability in the WP Chrono WordPress plugin allows attack |
| 7812 | CVE-2025-31744 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Lightweight and Responsive Youtube Embed |
| 7813 | CVE-2025-31740 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the aThemeArt News, Magazine and Blog Elemen |
| 7814 | CVE-2025-31737 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the dxladner Client Showcase WordPress plugi |
| 7815 | CVE-2025-31734 | 0.14% | 34.7th | 6.5 | | This DOM-based XSS vulnerability in the Simple Post Expiration WordPress plugin allows attackers to |
| 7816 | CVE-2025-31730 | 0.14% | 34.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the DigitalCourt Marketer Addons WordPress p |
| 7817 | CVE-2025-5124 | 0.14% | 34.6th | 8.1 | | This critical vulnerability in Sony network camera models allows attackers to gain administrative ac |
| 7818 | CVE-2025-43563 | 0.14% | 34.5th | 9.1 | | This CVE describes an Improper Access Control vulnerability in Adobe ColdFusion that allows high-pri |
| 7819 | CVE-2025-4341 | 0.14% | 34.5th | 6.3 | | This critical vulnerability in D-Link DIR-880L routers allows remote attackers to execute arbitrary |
| 7820 | CVE-2025-33064 | 0.14% | 34.5th | 8.8 | | A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allow |
| 7821 | CVE-2025-5120 | 0.14% | 34.7th | 10.0 | | This CVE describes a critical sandbox escape vulnerability in huggingface/smolagents version 1.14.0 |
| 7822 | CVE-2025-51501 | 0.14% | 34.7th | 6.1 | | This reflected XSS vulnerability in Microweber CMS 2.0 allows attackers to inject malicious JavaScri |
| 7823 | CVE-2025-9693 | 0.14% | 34.7th | 8.0 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to de |
| 7824 | CVE-2025-10123 | 0.14% | 34.5th | 7.3 | | This CVE describes a command injection vulnerability in D-Link DIR-823X routers that allows remote a |
| 7825 | CVE-2025-36128 | 0.14% | 34.6th | 7.5 | | IBM MQ is vulnerable to denial of service attacks where attackers can exploit improper timeout enfor |
| 7826 | CVE-2025-59975 | 0.14% | 34.6th | 7.5 | | An unauthenticated attacker can flood Juniper Junos Space with HTTP API requests, consuming all file |
| 7827 | CVE-2025-59964 | 0.14% | 34.6th | 7.5 | | An uninitialized resource vulnerability in Juniper SRX4700 devices with forwarding-options sampling |
| 7828 | CVE-2025-13145 | 0.14% | 34.5th | 7.2 | | This vulnerability allows authenticated WordPress administrators to perform PHP object injection by |
| 7829 | CVE-2025-12099 | 0.14% | 34.5th | 7.2 | | This vulnerability allows authenticated WordPress administrators to inject PHP objects through the A |
| 7830 | CVE-2025-60241 | 0.14% | 34.7th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Premmerce WordPress plugin. Attac |
| 7831 | CVE-2025-60240 | 0.14% | 34.7th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7832 | CVE-2025-60189 | 0.14% | 34.7th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 7833 | CVE-2025-60073 | 0.14% | 34.7th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Responsive Sidebar WordPress plug |
| 7834 | CVE-2025-34179 | 0.14% | 34.6th | N/A | | CVE-2025-34179 is an unauthenticated SQL injection vulnerability in NetSupport Manager's Connectivit |
| 7835 | CVE-2026-0407 | 0.14% | 34.7th | 8.0 | | This CVE describes an authentication bypass vulnerability in NETGEAR WiFi range extenders that allow |
| 7836 | CVE-2026-21880 | 0.14% | 34.5th | 5.3 | | Kanboard versions 1.2.48 and below contain an LDAP injection vulnerability in the authentication mec |
| 7837 | CVE-2025-23216 | 0.14% | 34.5th | 6.8 | | Argo CD versions before v2.13.4, v2.12.10, and v2.11.13 expose Kubernetes Secret values in error mes |
| 7838 | CVE-2024-45340 | 0.14% | 34.4th | 8.8 | | This vulnerability in Go's GOAUTH feature allows malicious servers to improperly access credentials |
| 7839 | CVE-2025-24618 | 0.14% | 34.5th | 4.3 | | This CVE describes a missing authorization vulnerability in ElementInvader Addons for Elementor Word |
| 7840 | CVE-2024-55954 | 0.14% | 34.4th | 8.7 | | This vulnerability in OpenObserve allows users with 'Admin' role privileges to delete 'Root' user ac |
| 7841 | CVE-2024-57760 | 0.14% | 34.4th | 6.5 | | This SQL injection vulnerability in JeeWMS allows attackers to execute arbitrary SQL commands throug |
| 7842 | CVE-2024-12472 | 0.14% | 34.5th | 5.3 | | The Post Duplicator WordPress plugin allows authenticated attackers with Contributor-level access or |
| 7843 | CVE-2024-13194 | 0.14% | 34.4th | 6.3 | | This CVE describes a critical SQL injection vulnerability in Sucms 1.0's admin_members.php file. Att |
| 7844 | CVE-2024-20151 | 0.14% | 34.5th | 6.7 | | CVE-2024-20151 is an out-of-bounds write vulnerability in MediaTek modem firmware that allows local |
| 7845 | CVE-2024-56022 | 0.14% | 34.5th | 7.1 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by the Word |
| 7846 | CVE-2025-25505 | 0.14% | 34.4th | 6.5 | | A buffer overflow vulnerability in Tenda AC6 routers allows attackers to execute arbitrary code or c |
| 7847 | CVE-2025-1188 | 0.14% | 34.4th | 6.3 | | A critical SQL injection vulnerability exists in Codezips Gym Management System 1.0, specifically in |
| 7848 | CVE-2020-36085 | 0.14% | 34.4th | 6.3 | | This stored XSS vulnerability in Egavilan Media Resumes Management and Job Application Website 1.0 a |
| 7849 | CVE-2025-22918 | 0.14% | 34.4th | 7.5 | | Polycom RealPresence Group 500 video conferencing systems running firmware version 20 or earlier hav |
| 7850 | CVE-2025-30914 | 0.14% | 34.5th | 4.4 | | This Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio's Metform WordPress plugin allo |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
