Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 751 | CVE-2024-54756 | 2.63% | 85.4th | 9.8 | | This CVE describes a critical remote code execution vulnerability in GZDoom v4.13.1. Attackers can e |
| 752 | CVE-2024-11609 | 2.62% | 85.3th | 7.8 | | A stack-based buffer overflow vulnerability in AutomationDirect C-More EA9 programming software allo |
| 753 | CVE-2024-12390 | 2.6% | 85.3th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v |
| 754 | CVE-2024-12389 | 2.6% | 85.3th | 8.8 | | A path traversal vulnerability in binary-husky/gpt_academic allows attackers to write arbitrary file |
| 755 | CVE-2025-4828 | 2.6% | 85.3th | 9.8 | | This vulnerability in the Support Board WordPress plugin allows attackers to delete arbitrary files |
| 756 | CVE-2024-42642 | 2.6% | 85.3th | 6.7 | | A buffer overflow vulnerability in Micron Crucial MX500 SSDs allows attackers to execute arbitrary c |
| 757 | CVE-2025-55010 | 2.6% | 85.3th | 9.1 | | CVE-2025-55010 is an unsafe deserialization vulnerability in Kanboard that allows admin users to exe |
| 758 | CVE-2025-3002 | 2.59% | 85.3th | 7.3 | | This critical vulnerability in Digital China DCME-520 devices allows remote attackers to execute arb |
| 759 | CVE-2025-2701 | 2.57% | 85.2th | 6.3 | | This critical vulnerability in AMTT Hotel Broadband Operation System 1.0 allows remote attackers to |
| 760 | CVE-2025-25742 | 2.56% | 85.2th | 9.8 | | This CVE describes a critical stack-based buffer overflow vulnerability in D-Link DIR-853 routers th |
| 761 | CVE-2025-54366 | 2.54% | 85.1th | 8.8 | | CVE-2025-54366 is a critical deserialization vulnerability in FreeScout help desk software that allo |
| 762 | CVE-2025-23317 | 2.53% | 85.1th | 9.1 | | NVIDIA Triton Inference Server's HTTP server has a heap-based buffer overflow vulnerability (CWE-122 |
| 763 | CVE-2025-52089 | 2.53% | 85.1th | 8.8 | | This vulnerability allows authenticated attackers to execute arbitrary operating system commands wit |
| 764 | CVE-2024-13634 | 2.53% | 85.1th | 6.1 | | The Post Sync WordPress plugin through version 1.1 contains a reflected cross-site scripting (XSS) v |
| 765 | CVE-2025-0624 | 2.49% | 85th | 7.6 | | This CVE-2025-0624 vulnerability in grub2 allows remote attackers on the same network segment to exe |
| 766 | CVE-2025-55141 | 2.48% | 85th | 8.8 | | This CVE describes a missing authorization vulnerability in Ivanti security products that allows aut |
| 767 | CVE-2025-50165 | 2.48% | 85th | 9.8 | | This critical vulnerability in Microsoft Graphics Component allows remote attackers to execute arbit |
| 768 | CVE-2026-21514 | 2.47% | 85th | 7.8 | KEV | This vulnerability in Microsoft Office Word allows attackers to bypass local security features by ma |
| 769 | CVE-2024-13556 | 2.47% | 84.9th | 8.1 | | This CVE describes a PHP object injection vulnerability in the Affiliate Links WordPress plugin. Una |
| 770 | CVE-2025-12488 | 2.45% | 84.9th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on oobabooga text-generation-we |
| 771 | CVE-2025-12487 | 2.45% | 84.9th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on oobabooga text-generation-we |
| 772 | CVE-2025-27210 | 2.44% | 84.9th | 7.5 | | This vulnerability is an incomplete fix for CVE-2025-23084 in Node.js that allows path traversal att |
| 773 | CVE-2023-53963 | 2.44% | 84.9th | 9.8 | | CVE-2023-53963 is an unauthenticated remote command injection vulnerability in SOUND4 IMPACT/FIRST/P |
| 774 | CVE-2023-23408 | 2.43% | 84.8th | 4.5 | | This vulnerability allows attackers to inject malicious scripts into Azure Apache Ambari web interfa |
| 775 | CVE-2025-55161 | 2.42% | 84.8th | 8.6 | | CVE-2025-55161 is a Server-Side Request Forgery (SSRF) vulnerability in Stirling-PDF's Markdown-to-P |
| 776 | CVE-2025-57296 | 2.42% | 84.8th | 6.5 | | This CVE describes a command injection vulnerability in Tenda AC6 router firmware that allows attack |
| 777 | CVE-2024-12878 | 2.42% | 84.8th | 7.1 | | This vulnerability in the Custom Block Builder WordPress plugin allows attackers to inject malicious |
| 778 | CVE-2024-10152 | 2.42% | 84.8th | 7.1 | | This vulnerability in the Simple Certain Time to Show Content WordPress plugin allows attackers to i |
| 779 | CVE-2024-13333 | 2.41% | 84.8th | 7.5 | | The Advanced File Manager WordPress plugin versions 5.2.12 to 5.2.13 allow authenticated attackers w |
| 780 | CVE-2024-39760 | 2.4% | 84.8th | 10.0 | | This critical vulnerability allows unauthenticated attackers to execute arbitrary operating system c |
| 781 | CVE-2025-49214 | 2.4% | 84.7th | 8.8 | | This vulnerability allows authenticated attackers to execute arbitrary code on Trend Micro Endpoint |
| 782 | CVE-2025-0798 | 2.38% | 84.7th | 8.1 | | This critical vulnerability in MicroWorld eScan Antivirus allows remote attackers to execute arbitra |
| 783 | CVE-2024-9362 | 2.38% | 84.7th | 7.5 | | An unauthenticated directory traversal vulnerability in Polyaxon allows attackers to access sensitiv |
| 784 | CVE-2024-54960 | 2.37% | 84.6th | 6.5 | | A SQL injection vulnerability in Nagios XI 2024R1.2.2 allows remote attackers to execute arbitrary S |
| 785 | CVE-2024-33939 | 2.37% | 84.6th | 5.3 | | This vulnerability allows unauthenticated attackers to access course progress data in Masteriyo LMS |
| 786 | CVE-2025-4799 | 2.37% | 84.6th | 7.2 | | The WP-DownloadManager plugin for WordPress has a vulnerability allowing authenticated attackers wit |
| 787 | CVE-2024-11611 | 2.37% | 84.6th | 7.8 | | This vulnerability allows remote attackers to execute arbitrary code on AutomationDirect C-More EA9 |
| 788 | CVE-2024-11610 | 2.37% | 84.6th | 7.8 | | This vulnerability allows remote attackers to execute arbitrary code on AutomationDirect C-More EA9 |
| 789 | CVE-2025-27477 | 2.36% | 84.6th | 8.8 | | A heap-based buffer overflow vulnerability in Windows Telephony Service allows remote attackers to e |
| 790 | CVE-2025-59328 | 2.35% | 84.6th | 6.5 | | This CVE describes a denial-of-service vulnerability in Apache Fory caused by insecure deserializati |
| 791 | CVE-2025-2512 | 2.35% | 84.6th | 9.8 | | The File Away WordPress plugin allows unauthenticated attackers to upload arbitrary files to affecte |
| 792 | CVE-2025-8296 | 2.34% | 84.6th | 7.2 | | This SQL injection vulnerability in Ivanti Avalanche allows authenticated admin users to execute arb |
| 793 | CVE-2025-3294 | 2.33% | 84.5th | 7.2 | | The WP Editor WordPress plugin allows authenticated attackers with Administrator privileges to overw |
| 794 | CVE-2025-32409 | 2.33% | 84.5th | 8.1 | | This vulnerability allows remote attackers to execute arbitrary code on Ratta SuperNote A6 X2 Nomad |
| 795 | CVE-2024-8156 | 2.33% | 84.5th | 9.8 | | This CVE-2024-8156 is a critical command injection vulnerability in AutoGPT's GitHub Actions workflo |
| 796 | CVE-2025-48063 | 2.32% | 84.5th | 8.8 | | A bug in XWiki's required rights enforcement allows users with edit rights to set programming rights |
| 797 | CVE-2024-48590 | 2.32% | 84.5th | 9.8 | | Inflectra SpiraTeam 7.2.00 contains a Server-Side Request Forgery (SSRF) vulnerability in the NewsRe |
| 798 | CVE-2026-0594 | 2.31% | 84.5th | 6.1 | | The List Site Contributors WordPress plugin has a reflected cross-site scripting vulnerability in ve |
| 799 | CVE-2025-10307 | 2.3% | 84.4th | 6.5 | | The Backuply WordPress plugin has a vulnerability allowing authenticated attackers with Administrato |
| 800 | CVE-2025-30023 | 2.3% | 84.4th | 9.0 | | This vulnerability allows authenticated users to execute arbitrary code remotely on affected systems |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
