Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
7951 | CVE-2025-25349 | 0.14% | 34th | 9.8 | | CVE-2025-25349 is a critical SQL injection vulnerability in PHPGurukul Daily Expense Tracker System
7952 | CVE-2026-1306 | 0.14% | 34th | 9.8 | | The midi-Synth WordPress plugin allows unauthenticated attackers to upload arbitrary files due to mi
7953 | CVE-2024-12599 | 0.14% | 33.9th | 7.2 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i
7954 | CVE-2025-2705 | 0.14% | 34th | 7.3 | | This critical vulnerability in Digiwin ERP 5.1 allows remote attackers to upload arbitrary files wit
7955 | CVE-2025-26163 | 0.14% | 34th | 9.8 | | CVE-2025-26163 is a critical SQL injection vulnerability in CM Soluces Informatica Ltda Auto Atendim
7956 | CVE-2025-2067 | 0.14% | 33.9th | 7.3 | | This critical SQL injection vulnerability in Life Insurance Management System 1.0 allows remote atta
7957 | CVE-2025-2065 | 0.14% | 33.9th | 7.3 | | A critical SQL injection vulnerability in Life Insurance Management System 1.0 allows remote attacke
7958 | CVE-2025-2064 | 0.14% | 33.9th | 7.3 | | A critical SQL injection vulnerability in Life Insurance Management System 1.0 allows attackers to m
7959 | CVE-2025-2063 | 0.14% | 33.9th | 7.3 | | A critical SQL injection vulnerability in Life Insurance Management System 1.0 allows attackers to m
7960 | CVE-2025-1963 | 0.14% | 33.9th | 7.3 | | This critical SQL injection vulnerability in Projectworlds Online Hotel Booking 1.0 allows remote at
7961 | CVE-2025-1780 | 0.14% | 34.1th | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to mo
7962 | CVE-2025-4019 | 0.14% | 34.1th | 7.3 | | A critical authentication bypass vulnerability in Novel-Plus allows remote attackers to access the c
7963 | CVE-2025-22037 | 0.14% | 33.9th | 5.5 | | A null pointer dereference vulnerability in the Linux kernel's ksmbd SMB server allows attackers to
7964 | CVE-2025-6371 | 0.14% | 34th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-619L routers allows remote attack
7965 | CVE-2025-6369 | 0.14% | 34th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-619L routers allows remote attack
7966 | CVE-2025-6367 | 0.14% | 34th | 8.8 | | This critical vulnerability in D-Link DIR-619L routers allows remote attackers to execute arbitrary
7967 | CVE-2025-6334 | 0.14% | 34th | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DIR-867 routers allows remote attacke
7968 | CVE-2025-6112 | 0.14% | 34th | 8.8 | | A critical buffer overflow vulnerability in Tenda FH1205 routers allows remote attackers to execute
7969 | CVE-2025-46096 | 0.14% | 34th | 6.1 | | A directory traversal vulnerability in Solon v3.1.2 allows remote attackers to conduct cross-site sc
7970 | CVE-2025-5851 | 0.14% | 34th | 8.8 | | A critical buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute ar
7971 | CVE-2025-5839 | 0.14% | 34th | 8.8 | | A critical buffer overflow vulnerability in Tenda AC9 routers allows remote attackers to execute arb
7972 | CVE-2025-5608 | 0.14% | 34th | 8.8 | | A critical buffer overflow vulnerability in Tenda AC18 routers allows remote attackers to execute ar
7973 | CVE-2025-2813 | 0.14% | 34th | 7.5 | | This vulnerability allows unauthenticated remote attackers to cause Denial of Service by flooding an
7974 | CVE-2025-7908 | 0.14% | 34th | 8.8 | | A critical stack-based buffer overflow vulnerability exists in D-Link DI-8100 routers through the jh
7975 | CVE-2025-7790 | 0.14% | 34th | 8.8 | | This critical vulnerability in D-Link DI-8100 routers allows remote attackers to execute arbitrary c
7976 | CVE-2025-41702 | 0.14% | 34th | 9.8 | | This vulnerability allows unauthenticated remote attackers to generate valid JWT tokens using a hard
7977 | CVE-2025-49556 | 0.14% | 34.1th | 7.5 | | Adobe Commerce has an incorrect authorization vulnerability that allows attackers to bypass security
7978 | CVE-2025-57528 | 0.14% | 34th | 7.7 | | This vulnerability in Tenda AC6 routers allows attackers to cause denial of service through buffer o
7979 | CVE-2025-7665 | 0.14% | 34th | 8.1 | | The Miniorange OTP Verification with Firebase WordPress plugin allows unauthenticated attackers to e
7980 | CVE-2025-43796 | 0.14% | 34th | 7.5 | | This vulnerability allows remote attackers to perform denial-of-service attacks on Liferay Portal/DX
7981 | CVE-2025-57052 | 0.14% | 34.1th | 9.8 | | cJSON versions 1.5.0 through 1.7.18 contain an out-of-bounds access vulnerability in the decode_arra
7982 | CVE-2025-34516 | 0.14% | 34th | 9.8 | | Ilevia EVE X1 Server firmware versions up to 4.7.18.0.eden contain hardcoded default credentials tha
7983 | CVE-2025-59243 | 0.14% | 34.1th | 7.8 | | A use-after-free vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code
7984 | CVE-2025-55326 | 0.14% | 33.9th | 7.5 | | A use-after-free vulnerability in Windows Connected Devices Platform Service allows unauthorized att
7985 | CVE-2025-66262 | 0.14% | 34.1th | 9.8 | | This vulnerability allows attackers to overwrite arbitrary system files via path traversal in tar ar
7986 | CVE-2025-65501 | 0.14% | 34th | 4.3 | | A null pointer dereference vulnerability in libcoap's DTLS handshake processing allows remote attack
7987 | CVE-2025-65500 | 0.14% | 34th | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS cookie generation function allows re
7988 | CVE-2025-65498 | 0.14% | 34th | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS implementation allows remote attacke
7989 | CVE-2025-65497 | 0.14% | 34th | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS cookie generation function allows re
7990 | CVE-2025-65496 | 0.14% | 34th | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS implementation allows remote attacke
7991 | CVE-2025-12158 | 0.14% | 34th | 9.8 | | The Simple User Capabilities WordPress plugin has a critical privilege escalation vulnerability that
7992 | CVE-2025-15164 | 0.14% | 34th | 7.2 | | A stack-based buffer overflow vulnerability in Tenda WH450 routers allows remote attackers to execut
7993 | CVE-2025-15163 | 0.14% | 34th | 7.2 | | This vulnerability in Tenda WH450 routers allows remote attackers to execute arbitrary code via a st
7994 | CVE-2025-15162 | 0.14% | 34th | 7.2 | | A stack-based buffer overflow vulnerability in Tenda WH450 routers allows remote attackers to execut
7995 | CVE-2025-15161 | 0.14% | 34th | 7.2 | | A stack-based buffer overflow vulnerability in Tenda WH450 routers allows remote attackers to execut
7996 | CVE-2025-15160 | 0.14% | 34th | 7.2 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda WH450 routers via a st
7997 | CVE-2025-14466 | 0.14% | 34th | 5.3 | | An unauthenticated attacker can send specially-crafted HTTP requests to the web interface of Güralp
7998 | CVE-2025-14166 | 0.14% | 34th | 5.3 | | The WPMasterToolkit WordPress plugin allows authenticated users with Contributor-level access or hig
7999 | CVE-2025-34413 | 0.14% | 34.1th | N/A | | Legality WHISTLEBLOWING software by DigitalPA fails to emit critical HTTP security headers by defaul
8000 | CVE-2025-63529 | 0.14% | 34.1th | 6.1 | | A session fixation vulnerability in Blood Bank Management System 1.0 allows attackers to hijack user

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
