Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 7801 | CVE-2024-36274 | | 13th | 6.5 | | An out-of-bounds write vulnerability in Intel 800 Series Ethernet drivers allows unauthenticated att |
| 7802 | CVE-2024-58001 | | 12.8th | 5.5 | | This CVE addresses a memory handling issue in the Linux kernel's OCFS2 filesystem driver where a sym |
| 7803 | CVE-2025-14267 | | 12.8th | 4.9 | | This vulnerability in M-Files Server allows sensitive information to be exposed due to incomplete da |
| 7804 | CVE-2025-67789 | | 12.8th | 5.3 | | This vulnerability allows authenticated users of DriveLock to retrieve the computer count of other t |
| 7805 | CVE-2025-11875 | | 12.8th | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 7806 | CVE-2025-36017 | | 13.1th | 6.5 | | IBM Controller and Cognos Controller versions store sensitive information unencrypted in environment |
| 7807 | CVE-2025-8807 | | 13.1th | 6.3 | | This critical vulnerability in xujeff tianti (夊梯) up to version 2.3 allows remote attackers to b |
| 7808 | CVE-2025-64650 | | 13.1th | 6.5 | | IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.18 write sensitive user credent |
| 7809 | CVE-2025-12112 | | 13th | 6.4 | | This vulnerability allows authenticated WordPress users with Author-level permissions or higher to i |
| 7810 | CVE-2025-58459 | | 13th | 4.3 | | The Jenkins global-build-stats plugin has a missing authorization vulnerability in its REST API endp |
| 7811 | CVE-2025-55225 | | 13.1th | 6.5 | | This vulnerability allows an unauthorized attacker to read memory outside the intended buffer in Win |
| 7812 | CVE-2026-1742 | | 13.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the EFM ipTIME A8004T router |
| 7813 | CVE-2024-58297 | | 12.8th | 5.4 | | PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configura |
| 7814 | CVE-2025-11868 | | 13th | 6.4 | | The everviz WordPress plugin up to version 1.1 contains a stored cross-site scripting (XSS) vulnerab |
| 7815 | CVE-2025-6008 | | 13.1th | 4.7 | | This CVE describes a critical SQL injection vulnerability in kiCode111 like-girl version 5.2.0. Atta |
| 7816 | CVE-2025-12643 | | 12.8th | 6.4 | | The Saphali LiqPay for donate WordPress plugin has a stored cross-site scripting vulnerability in al |
| 7817 | CVE-2025-41728 | | 12.9th | 5.3 | | A low-privileged remote attacker can exploit an out-of-bounds read vulnerability in the Device Manag |
| 7818 | CVE-2024-11301 | | 13th | 6.5 | | This vulnerability allows attackers to overwrite existing evaluator data by submitting POST requests |
| 7819 | CVE-2025-12823 | | 13th | 6.4 | | The CSV to SortTable WordPress plugin has a stored XSS vulnerability in all versions up to 4.2. Auth |
| 7820 | CVE-2025-47152 | | 13.1th | 6.5 | | An out-of-bounds read vulnerability in PDF-XChange Editor's EMF functionality allows attackers to re |
| 7821 | CVE-2025-54562 | | 12.9th | 4.3 | | This vulnerability in Desktop Alert PingAlert's Application Server (versions 6.1.0.11 to 6.1.1.2) al |
| 7822 | CVE-2024-6712 | | 12.9th | 6.1 | | The MapFig Studio WordPress plugin through version 0.2.1 lacks CSRF protection and proper input sani |
| 7823 | CVE-2024-20105 | | 13.1th | 6.7 | | CVE-2024-20105 is an out-of-bounds write vulnerability in MediaTek's m4u (Memory Management Unit) dr |
| 7824 | CVE-2025-12365 | | 13.1th | 5.3 | | This vulnerability involves error messages being exposed in HTTP headers, potentially leaking sensit |
| 7825 | CVE-2025-6009 | | 13.1th | 4.7 | | This is a critical SQL injection vulnerability in the like-girl software version 5.2.0. Attackers ca |
| 7826 | CVE-2025-67732 | | 13th | 6.5 | | Dify versions before 1.11.0 expose API keys in plaintext to frontend users, allowing non-administrat |
| 7827 | CVE-2025-47449 | | 13th | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Meow Gallery WordPress plugin allows att |
| 7828 | CVE-2024-52935 | | 13th | 4.1 | | This vulnerability allows kernel software running inside a Guest VM to write data outside its alloca |
| 7829 | CVE-2025-8605 | | 13th | 6.4 | | This stored XSS vulnerability in the Gutenify WordPress plugin allows authenticated attackers with c |
| 7830 | CVE-2025-56800 | | 13th | 5.1 | | This vulnerability allows local attackers to bypass the lock screen authentication in Reolink deskto |
| 7831 | CVE-2025-8609 | | 12.8th | 6.4 | | The RTMKit Addons for Elementor WordPress plugin has a stored cross-site scripting vulnerability tha |
| 7832 | CVE-2026-2098 | | 13th | 6.1 | | AgentFlow software by Flowring contains a reflected cross-site scripting (XSS) vulnerability that al |
| 7833 | CVE-2025-20302 | | 12.8th | 4.3 | | This vulnerability allows authenticated low-privileged users on Cisco Secure FMC to bypass authoriza |
| 7834 | CVE-2025-12088 | | 13th | 6.4 | | The Meta Display Block WordPress plugin has a stored XSS vulnerability that allows authenticated att |
| 7835 | CVE-2024-8032 | | 12.9th | 6.1 | | The Smooth Gallery Replacement WordPress plugin through version 1.0 lacks CSRF protection and proper |
| 7836 | CVE-2026-1596 | | 13.1th | 6.3 | | This CVE describes a remote command injection vulnerability in D-Link DWR-M961 routers. Attackers ca |
| 7837 | CVE-2025-12457 | | 13th | 6.4 | | This vulnerability allows authenticated WordPress users with Author-level permissions or higher to u |
| 7838 | CVE-2025-12691 | | 13th | 6.4 | | This stored XSS vulnerability in the Photonic Gallery WordPress plugin allows authenticated attacker |
| 7839 | CVE-2024-8090 | | 12.8th | 6.1 | | This vulnerability in the JavaScript Logic WordPress plugin allows attackers to perform Cross-Site R |
| 7840 | CVE-2025-11841 | | 13th | 6.4 | | This vulnerability allows authenticated WordPress users with Contributor-level access or higher to i |
| 7841 | CVE-2025-12324 | | 13th | 6.4 | | This stored XSS vulnerability in TablePress WordPress plugin allows authenticated attackers with con |
| 7842 | CVE-2024-8095 | | 12.9th | 6.1 | | This vulnerability in the BabelZ WordPress plugin allows attackers to trick logged-in administrators |
| 7843 | CVE-2025-60632 | | 12.9th | 6.5 | | This vulnerability in Free5GC allows attackers to cause denial of service by sending specially craft |
| 7844 | CVE-2025-40626 | | 12.8th | 6.1 | | A reflected XSS vulnerability in AbanteCart v1.4.0 allows attackers to inject malicious JavaScript v |
| 7845 | CVE-2025-55135 | | 12.8th | 6.4 | | This vulnerability allows cross-site scripting (XSS) attacks via malicious SVG profile picture uploa |
| 7846 | CVE-2025-31332 | | 13.1th | 6.6 | | This vulnerability allows attackers with local system access to modify files in SAP BusinessObjects |
| 7847 | CVE-2025-13765 | | 12.9th | 4.3 | | CVE-2025-13765 allows non-administrative users in Devolutions Server to access email service credent |
| 7848 | CVE-2025-12559 | | 12.9th | 4.3 | | This vulnerability allows any authenticated Mattermost user to view team email addresses that should |
| 7849 | CVE-2025-55629 | | 13th | 6.5 | | This vulnerability allows attackers to change other users' passwords on Reolink Smart 2K+ Plug-in Wi |
| 7850 | CVE-2024-1440 | | 12.9th | 5.4 | | An open redirection vulnerability in WSO2 products allows attackers to craft malicious authenticatio |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.