Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 8151 | CVE-2025-31246 | | 33.5th | 8.8 | | This vulnerability in macOS AFP (Apple Filing Protocol) allows a malicious AFP server to corrupt ker |
| 8152 | CVE-2025-4552 | | 33.5th | 5.4 | | This vulnerability in ContiNew Admin allows unauthenticated attackers to remotely reset the super ad |
| 8153 | CVE-2025-43261 | | 33.5th | 9.8 | | This CVE describes a sandbox escape vulnerability in macOS that allows malicious applications to bre |
| 8154 | CVE-2025-6265 | | 33.5th | 7.2 | | This path traversal vulnerability in Zyxel NWA50AX PRO access points allows authenticated administra |
| 8155 | CVE-2025-11139 | | 33.5th | 6.3 | | This is a path traversal vulnerability in Bjskzy Zhiyou ERP that allows attackers to manipulate file |
| 8156 | CVE-2025-58760 | | 33.5th | 8.6 | | CVE-2025-58760 is a path traversal vulnerability in Tautulli's /image API endpoint that allows unaut |
| 8157 | CVE-2025-11722 | | 33.5th | 7.5 | | The WooCommerce Category and Products Accordion Panel WordPress plugin contains a Local File Inclusi |
| 8158 | CVE-2025-9029 | | 33.5th | 4.3 | | This vulnerability allows unauthenticated attackers to submit feedback data to external services via |
| 8159 | CVE-2025-13699 | | 33.6th | 7.0 | | This vulnerability in MariaDB's mariadb-dump utility allows remote attackers to execute arbitrary co |
| 8160 | CVE-2025-36917 | | 33.5th | 6.5 | | This vulnerability in SwDcpItg of up_L2commonPdcpSecurity.cpp allows remote attackers to cause denia |
| 8161 | CVE-2025-36912 | | 33.5th | 6.5 | | This vulnerability in cellular modem firmware allows remote attackers to cause denial of service wit |
| 8162 | CVE-2025-69269 | | 33.5th | 9.8 | | This OS command injection vulnerability in Broadcom DX NetOps Spectrum allows attackers to execute a |
| 8163 | CVE-2026-22187 | | 33.5th | 7.8 | | Bio-Formats up to version 8.3.0 has unsafe Java deserialization in the Memoizer class, allowing atta |
| 8164 | CVE-2026-1523 | | 33.5th | N/A | | A path traversal vulnerability in Digitek ADT1100 and DT950 devices allows attackers to access arbit |
| 8165 | CVE-2024-12821 | | 33.4th | 8.8 | | The Media Manager for UserPro WordPress plugin has an authorization vulnerability that allows authen |
| 8166 | CVE-2025-24365 | | 33.4th | 8.1 | | This vulnerability in vaultwarden allows an attacker who is an owner/admin of one organization to ga |
| 8167 | CVE-2025-23529 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the Blokhaus Minterpress WordPress plugi |
| 8168 | CVE-2025-24580 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WordPress 12 Step Meeting List plugi |
| 8169 | CVE-2023-42231 | | 33.4th | 8.1 | | This vulnerability in Pat Infinite Solutions HelpdeskAdvanced allows low-privileged users to delete |
| 8170 | CVE-2024-5872 | | 33.4th | 6.5 | | This vulnerability in Arista EOS allows specially crafted packets with incorrect VLAN tags to be inc |
| 8171 | CVE-2024-13252 | | 33.4th | 5.4 | | This Cross-Site Scripting (XSS) vulnerability in Drupal TacJS allows attackers to inject malicious s |
| 8172 | CVE-2024-13245 | | 33.4th | 5.4 | | This vulnerability allows attackers to inject malicious scripts into web pages through the CKEditor |
| 8173 | CVE-2024-13237 | | 33.4th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in Drupal's File Entity module that al |
| 8174 | CVE-2024-12464 | | 33.4th | 6.4 | | The Chatroll Live Chat WordPress plugin has a stored XSS vulnerability in versions up to 2.5.0. Auth |
| 8175 | CVE-2024-11383 | | 33.4th | 6.4 | | The CC Canadian Mortgage Calculator WordPress plugin has a stored cross-site scripting vulnerability |
| 8176 | CVE-2025-25282 | | 33.4th | 8.1 | | CVE-2025-25282 is an Insecure Direct Object Reference (IDOR) vulnerability in RAGFlow that allows au |
| 8177 | CVE-2025-24692 | | 33.4th | 7.1 | | This vulnerability allows unauthorized users to modify WordPress menu settings due to missing access |
| 8178 | CVE-2025-23534 | | 33.4th | 6.5 | | CVE-2025-23534 is a missing authorization vulnerability in the WPLingo WordPress plugin that allows |
| 8179 | CVE-2025-1283 | | 33.4th | 9.8 | | This vulnerability allows attackers to bypass authentication on Dingtian DT-R0 Series devices by dir |
| 8180 | CVE-2025-23527 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WC Wallet WordPress plugin that allo |
| 8181 | CVE-2025-29790 | | 33.4th | 5.4 | | This vulnerability allows attackers to upload malicious SVG files containing cross-site scripting (X |
| 8182 | CVE-2025-1667 | | 33.4th | 8.8 | | This vulnerability allows authenticated attackers with teacher-level access or higher in the WPSchoo |
| 8183 | CVE-2025-1944 | | 33.4th | 6.5 | | CVE-2025-1944 is a ZIP archive manipulation vulnerability in picklescan versions before 0.0.23 that |
| 8184 | CVE-2025-23613 | | 33.4th | 6.5 | | This vulnerability allows unauthorized users to access functionality intended only for authenticated |
| 8185 | CVE-2025-23515 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the ts-tree WordPress plugin that allows |
| 8186 | CVE-2025-47181 | | 33.4th | 8.8 | | This CVE describes a local privilege escalation vulnerability in Microsoft Edge where an attacker ca |
| 8187 | CVE-2025-24189 | | 33.4th | 8.8 | | This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute ar |
| 8188 | CVE-2023-7088 | | 33.4th | 5.4 | | This vulnerability in the Add SVG Support for Media Uploader WordPress plugin allows users with Auth |
| 8189 | CVE-2025-49885 | | 33.4th | 10.0 | | This vulnerability allows unauthenticated attackers to upload arbitrary files, including web shells, |
| 8190 | CVE-2025-5497 | | 33.4th | 6.3 | | This vulnerability allows remote attackers to execute arbitrary code through deserialization of untr |
| 8191 | CVE-2025-54918 | | 33.4th | 8.8 | | This vulnerability allows an authenticated attacker to exploit improper authentication in Windows NT |
| 8192 | CVE-2025-52288 | | 33.4th | 7.5 | | This vulnerability in Open5GS allows attackers to cause denial of service by triggering an assertion |
| 8193 | CVE-2025-12115 | | 33.3th | 7.5 | | The WPC Name Your Price for WooCommerce WordPress plugin allows unauthenticated attackers to purchas |
| 8194 | CVE-2025-11189 | | 33.4th | 7.3 | | The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability in the login |
| 8195 | CVE-2025-59272 | | 33.4th | 9.3 | | This command injection vulnerability in Copilot allows unauthorized local attackers to execute arbit |
| 8196 | CVE-2025-59252 | | 33.4th | 9.3 | | This command injection vulnerability in Copilot allows unauthorized attackers to execute arbitrary c |
| 8197 | CVE-2025-64405 | | 33.3th | 7.5 | | Apache OpenOffice versions through 4.1.15 have a missing authorization vulnerability where specially |
| 8198 | CVE-2025-64404 | | 33.3th | 7.5 | | Apache OpenOffice versions through 4.1.15 have a missing authorization vulnerability that allows att |
| 8199 | CVE-2025-42886 | | 33.4th | 6.1 | | This is a reflected cross-site scripting (XSS) vulnerability in SAP Business Connector that allows u |
| 8200 | CVE-2023-53966 | | 33.4th | 9.8 | | CVE-2023-53966 is a format string vulnerability in SOUND4 LinkAndShare Transmitter 1.1.2 that allows |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high-severity CVSS 7.5 vulnerability with a 90% EPSS score.