Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated probability that exploitation activity against the CVE will be observed in the wild within the next 30 days. The Percentile column places each CVE's score relative to all scored CVEs (12.6th means roughly 12.6% of scored CVEs have a lower EPSS score). This page of the list covers ranks 8051 to 8100.

Summary: 164 CVEs with EPSS > 50%; 156 CISA KEV listed; 35,468 CVEs with EPSS; average EPSS score 0.7%.
Rank  CVE ID  EPSS Score  Percentile  CVSS  Summary (summaries are truncated in the source; the Flags column is empty for every row on this page)

8051  CVE-2025-64283  0.04%  12.6th  6.5  This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the Rometheme RTMKit
8052  CVE-2025-10096  0.04%  12.5th  6.3  This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in SimStudioAI sim software up
8053  CVE-2025-48337  0.04%  12.6th  5.3  This CVE describes a Missing Authorization vulnerability in the QuickCab WordPress plugin that allow
8054  CVE-2025-49906  0.04%  12.6th  5.3  This CVE describes a Missing Authorization vulnerability in the StellarWP WPComplete plugin for Word
8055  CVE-2025-6074  0.04%  12.7th  6.5  A hard-coded cryptographic key vulnerability in ABB RMC-100 and RMC-100 LITE devices allows attacker
8056  CVE-2025-68401  0.04%  12.5th  4.8  ChurchCRM versions before 6.0.0 have a stored cross-site scripting (XSS) vulnerability where user-su
8057  CVE-2025-9799  0.04%  12.6th  5.0  This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Langfuse's webhook handler.
8058  CVE-2025-46229  0.04%  12.7th  5.9  This stored cross-site scripting (XSS) vulnerability in the Textmetrics WordPress plugin allows atta
8059  CVE-2026-1193  0.04%  12.6th  6.3  This vulnerability in MineAdmin 1.x/2.x allows attackers to bypass authorization controls via the /s
8060  CVE-2025-66594  0.04%  12.6th  5.3  This vulnerability in Yokogawa's FAST/TOOLS software exposes detailed error messages that could reve
8061  CVE-2025-64289  0.04%  12.4th  5.9  This stored cross-site scripting (XSS) vulnerability in Premmerce Product Search for WooCommerce all
8062  CVE-2025-64291  0.04%  12.4th  5.9  This stored cross-site scripting (XSS) vulnerability in the Premmerce User Roles WordPress plugin al
8063  CVE-2025-49913  0.04%  12.6th  5.3  This CVE describes a missing authorization vulnerability in the CoSchedule WordPress plugin that all
8064  CVE-2025-62763  0.04%  12.7th  5.0  This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration Suite
8065  CVE-2025-62884  0.04%  12.6th  5.3  This vulnerability allows unauthorized users to access administrative functionality in the Coupon Af
8066  CVE-2025-23971  0.04%  12.6th  5.3  CVE-2025-23971 is a missing authorization vulnerability in the KI Live Video Conferences WordPress p
8067  CVE-2025-53457  0.04%  12.7th  4.4  This Server-Side Request Forgery (SSRF) vulnerability in the SEO Backlink Monitor WordPress plugin a
8068  CVE-2025-24763  0.04%  12.7th  5.3  This CVE describes a Missing Authorization vulnerability in the bbPress API WordPress plugin that al
8069  CVE-2025-46250  0.04%  12.7th  5.9  This stored cross-site scripting (XSS) vulnerability in the VForm WordPress plugin allows attackers
8070  CVE-2025-61457  0.04%  12.5th  6.1  CVE-2025-61457 is a Cross-Site Scripting (XSS) vulnerability in code16 Sharp v9.6.6's SharpFormUploa
8071  CVE-2025-53461  0.04%  12.7th  4.4  This Server-Side Request Forgery (SSRF) vulnerability in the Beaf WordPress plugin allows attackers
8072  CVE-2025-63419  0.04%  12.6th  6.1  This CVE describes a Cross-Site Scripting (XSS) vulnerability in CrushFTP's file sharing feature whe
8073  CVE-2025-49509  0.04%  12.6th  5.3  This CVE describes a Missing Authorization vulnerability in the Roland Beaussant Audio Editor & Reco
8074  CVE-2026-22050  0.04%  12.7th  4.3  A vulnerability in NetApp ONTAP with snapshot locking enabled allows privileged remote attackers to
8075  CVE-2025-58243  0.04%  12.6th  5.3  This CVE describes a Missing Authorization vulnerability in the Jthemes imEvent WordPress theme that
8076  CVE-2025-63744  0.04%  12.7th  4.3  A NULL pointer dereference vulnerability in radare2's bin_dyldcache.c load() function allows attacke
8077  CVE-2025-12639  0.04%  12.7th  4.3  The wModes WordPress plugin has an authorization bypass vulnerability that allows authenticated user
8078  CVE-2025-52967  0.04%  12.5th  5.8  This vulnerability in MLflow's gateway_proxy_handler allows attackers to bypass path validation, pot
8079  CVE-2025-62396  0.04%  12.5th  5.3  An error-handling vulnerability in Moodle's router component (r.php) can expose internal directory l
8080  CVE-2025-54132  0.04%  12.4th  4.4  This vulnerability in Cursor code editor versions below 1.3 allows attackers to exfiltrate sensitive
8081  CVE-2024-40625  0.04%  12.6th  5.5  This vulnerability in GeoServer allows attackers to upload arbitrary files via the Coverage REST API
8082  CVE-2022-49189  0.04%  12.7th  5.5  A Linux kernel vulnerability in the Qualcomm clock controller driver (clk-rcg2) allows underflow err
8083  CVE-2025-62397  0.04%  12.5th  5.3  This vulnerability allows attackers to enumerate valid course IDs on a router by observing inconsist
8084  CVE-2026-20635  0.04%  12.6th  4.3  This CVE describes a memory handling vulnerability in Apple's WebKit browser engine that affects mul
8085  CVE-2025-55136  0.04%  12.6th  5.7  CVE-2025-55136 is an insecure deserialization vulnerability in ERC (Emotion Recognition in Conversat
8086  CVE-2025-15390  0.04%  12.4th  6.3  This vulnerability in PHPGurukul Small CRM 4.0 allows unauthorized access to the edit-user.php admin
8087  CVE-2025-36160  0.04%  12.5th  5.3  IBM Concert versions 1.0.0 through 2.0.0 disclose sensitive server information via HTTP response hea
8088  CVE-2025-12830  0.04%  12.5th  6.4  This vulnerability allows authenticated WordPress users with contributor-level access or higher to i
8089  CVE-2026-0547  0.04%  12.4th  6.3  This vulnerability allows remote attackers to upload arbitrary files via the photo parameter in the
8090  CVE-2025-62508  0.04%  12.5th  6.5  This stored cross-site scripting vulnerability in the Citizen MediaWiki skin allows users with editi
8091  CVE-2026-1002  0.04%  12.7th  5.3  This vulnerability in Vert.x Web's static handler allows attackers to manipulate the cache to deny a
8092  CVE-2025-29006  0.04%  12.6th  5.3  This CVE describes a missing authorization vulnerability in the Direct Checkout for WooCommerce Lite
8093  CVE-2025-56008  0.04%  12.6th  6.1  A cross-site scripting (XSS) vulnerability in KeeneticOS allows attackers physically near the router
8094  CVE-2024-31913  0.04%  12.6th  5.5  IBM Sterling B2B Integrator is vulnerable to stored cross-site scripting (XSS) that allows authentic
8095  CVE-2024-13521  0.04%  12.5th  6.1  This CSRF vulnerability in the MailUp Auto Subscription WordPress plugin allows unauthenticated atta
8096  CVE-2025-47871  0.04%  12.5th  4.3  This vulnerability allows authenticated Mattermost users who are members of a playbook but not membe
8097  CVE-2024-13339  0.04%  12.5th  6.1  The DeBounce Email Validator WordPress plugin has a CSRF vulnerability that allows attackers to chan
8098  CVE-2025-54169  0.04%  12.5th  6.5  An out-of-bounds read vulnerability in QNAP File Station 5 allows authenticated remote attackers to
8099  CVE-2026-20027  0.04%  12.5th  5.3  A buffer out-of-bounds read vulnerability in Cisco Snort 3's DCE/RPC request processing allows unaut
8100  CVE-2025-69198  0.04%  12.7th  6.5  This CVE describes a race condition vulnerability in Pterodactyl Panel where concurrent requests can

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that exploitation activity against a CVE will be observed in the wild within the next 30 days, and it publishes a refreshed score and percentile for every CVE daily. CVSS measures the technical severity of a flaw; EPSS measures how likely it is to be exploited. The two answer different questions, which is why EPSS is useful for deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. EPSS says nothing about the impact on your own environment, though, so it is best combined with the CISA KEV catalog (confirmed exploitation, not a prediction), the CVSS score, and whether the affected asset is actually exposed.
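The prioritization rule above (KEV first, then EPSS, with CVSS only as a tiebreaker), worked through as an added example that is not code from this page or from FIRST.org. The FIRST.org EPSS API endpoint and the response shape (epss and percentile as decimal strings under a data array) are assumed from its public documentation; the two real CVE IDs and their values are copied from the table above, while the EXAMPLE-... entries are placeholders, not CVE IDs, constructed to show the 9.8/0.1% versus 7.5/90% case. The summarize() function recomputes the same four headline numbers the page shows at the top.

```python
"""Rank findings by exploit likelihood (EPSS + KEV) rather than by CVSS alone.

Added example, not the page's own code. Assumptions (not from the page): the
FIRST.org EPSS v1 endpoint and its response shape; all sample data is constructed.
"""
import json
from dataclasses import dataclass
from urllib.parse import urlencode

EPSS_API = "https://api.first.org/data/v1/epss"  # assumed public endpoint


def epss_query_url(cve_ids):
    """URL for a batch EPSS lookup. Only builds the URL; no request is sent."""
    return f"{EPSS_API}?{urlencode({'cve': ','.join(cve_ids)}, safe=',')}"


@dataclass
class Finding:
    cve: str
    epss: float        # probability of exploitation activity in the next 30 days (0..1)
    percentile: float  # fraction of scored CVEs with a lower EPSS score (0..1)
    cvss: float        # CVSS base score (0..10)
    kev: bool          # listed in CISA's Known Exploited Vulnerabilities catalog
    scored: bool       # False when EPSS had no entry for this ID


def parse_epss_response(body):
    """Parse the (assumed) FIRST.org response body into {cve: (epss, percentile)}."""
    doc = json.loads(body)
    if doc.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {doc.get('status')!r}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"])) for row in doc["data"]}


def merge(epss_by_cve, cvss_by_cve, kev_set):
    """Join EPSS scores with the scanner's CVSS data and the KEV catalog.
    An ID with no EPSS entry is kept (score 0) rather than silently dropped."""
    out = []
    for cve, cvss in cvss_by_cve.items():
        hit = epss_by_cve.get(cve)
        epss, pct = hit if hit else (0.0, 0.0)
        out.append(Finding(cve, epss, pct, cvss, cve in kev_set, hit is not None))
    return out


def priority_tier(f):
    """0 = KEV (confirmed exploitation), 1 = EPSS >= 50%, 2 = EPSS >= 10% or CVSS critical, 3 = rest."""
    if f.kev:
        return 0
    if f.epss >= 0.5:
        return 1
    if f.epss >= 0.1 or f.cvss >= 9.0:
        return 2
    return 3


def prioritize(findings):
    """KEV first, then EPSS descending; CVSS breaks ties, then the ID for a stable order."""
    return sorted(findings, key=lambda f: (priority_tier(f), -f.epss, -f.cvss, f.cve))


def summarize(findings):
    """The four headline numbers the page shows, computed over the scored findings."""
    scored = [f for f in findings if f.scored]
    return {
        "epss_over_50pct": sum(1 for f in scored if f.epss > 0.5),
        "kev_listed": sum(1 for f in findings if f.kev),
        "cves_with_epss": len(scored),
        "avg_epss_pct": round(100 * sum(f.epss for f in scored) / len(scored), 1) if scored else 0.0,
    }


# Constructed sample input. The two real IDs and their EPSS/CVSS values come from
# the table above; the EXAMPLE-... names are placeholders, not CVE IDs.
SAMPLE_EPSS_BODY = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "total": 4, "data": [
        {"cve": "CVE-2025-64283", "epss": "0.00040", "percentile": "0.12600", "date": "2026-02-01"},
        {"cve": "CVE-2025-6074", "epss": "0.00040", "percentile": "0.12700", "date": "2026-02-01"},
        {"cve": "EXAMPLE-CRITICAL-LOW-EPSS", "epss": "0.00100", "percentile": "0.30000", "date": "2026-02-01"},
        {"cve": "EXAMPLE-HIGH-EPSS", "epss": "0.90000", "percentile": "0.99700", "date": "2026-02-01"},
    ],
})
SAMPLE_CVSS = {
    "CVE-2025-64283": 6.5,
    "CVE-2025-6074": 6.5,
    "EXAMPLE-CRITICAL-LOW-EPSS": 9.8,  # the CVSS 9.8 / 0.1% EPSS case from the text
    "EXAMPLE-HIGH-EPSS": 7.5,          # the CVSS 7.5 / 90% EPSS case from the text
    "EXAMPLE-KEV": 7.2,                # deliberately absent from the EPSS response
}
SAMPLE_KEV = {"EXAMPLE-KEV"}


def run_sample():
    """Return the patch order and the headline stats for the constructed sample."""
    findings = merge(parse_epss_response(SAMPLE_EPSS_BODY), SAMPLE_CVSS, SAMPLE_KEV)
    return [f.cve for f in prioritize(findings)], summarize(findings)


if __name__ == "__main__":
    order, stats = run_sample()
    print(epss_query_url(list(SAMPLE_CVSS)))
    for rank, cve in enumerate(order, 1):
        print(rank, cve)
    print(stats)
```

The KEV entry lands first even though it has no EPSS score at all, and the CVSS 9.8 placeholder drops below the CVSS 7.5 one with 90% EPSS; the two real rows from the table tie on every signal and are ordered by ID only. In production, replace SAMPLE_EPSS_BODY with the body fetched from epss_query_url() (batching IDs to stay under the API's per-request limit) and SAMPLE_KEV with the current CISA KEV catalog.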
