Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. This page lists ranks 8251 to 8300; the Percentile column is the CVE's position among all EPSS-scored CVEs (all entries here sit at roughly the 33rd percentile), and the CVSS column is the base severity score. Summaries are truncated to the first 100 characters.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 8251 | CVE-2025-12078 | | 33.2 | 6.1 | | The ArtiBot Free Chat Bot plugin for WordPress has a reflected cross-site scripting vulnerability vi |
| 8252 | CVE-2025-12762 | | 33.3 | 9.1 | | pgAdmin versions up to 9.9 running in server mode are vulnerable to remote code execution when proce |
| 8253 | CVE-2025-61623 | | 33.2 | 6.5 | | This CVE describes a reflected cross-site scripting (XSS) vulnerability in Apache OFBiz that allows |
| 8254 | CVE-2025-12193 | | 33.2 | 6.1 | | The Mang Board WP plugin for WordPress has a reflected cross-site scripting (XSS) vulnerability in t |
| 8255 | CVE-2025-12064 | | 33.2 | 6.1 | | The WP2Social Auto Publish WordPress plugin contains a reflected cross-site scripting (XSS) vulnerab |
| 8256 | CVE-2025-11263 | | 33.2 | 6.1 | | The Link Whisper Free WordPress plugin contains a reflected cross-site scripting vulnerability that |
| 8257 | CVE-2025-68151 | | 33.2 | 7.5 | | CoreDNS servers running gRPC, HTTPS, or HTTP/3 protocols are vulnerable to denial-of-service attacks |
| 8258 | CVE-2026-20026 | | 33.3 | 5.8 | | This vulnerability in Cisco products allows unauthenticated remote attackers to cause Snort 3 Detect |
| 8259 | CVE-2025-15382 | | 33.3 | 8.1 | | This heap buffer over-read vulnerability in wolfSSH's wolfSSH_CleanPath() function allows authentica |
| 8260 | CVE-2025-66698 | | 33.2 | 8.6 | | This authentication bypass vulnerability in Semantic machines v5.4.8 allows attackers to access prot |
| 8261 | CVE-2025-0843 | | 33.0 | 7.3 | | CVE-2025-0843 is a critical SQL injection vulnerability in the needyamin Library Card System 1.0 adm |
| 8262 | CVE-2024-13561 | | 33.1 | 6.4 | | This stored XSS vulnerability in the Target Video Easy Publish WordPress plugin allows authenticated |
| 8263 | CVE-2024-52327 | | 33.1 | 6.5 | | This vulnerability allows authenticated attackers to bypass the PIN protection on ECOVACS robot lawn |
| 8264 | CVE-2022-23439 | | 33.0 | 4.7 | | This vulnerability allows attackers to poison web caches by sending crafted HTTP requests with malic |
| 8265 | CVE-2023-37027 | | 33.0 | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 8266 | CVE-2024-11870 | | 33.1 | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 8267 | CVE-2025-0460 | | 33.1 | 7.3 | | This critical vulnerability in Blog Botz for Journal Theme 1.0 on OpenCart allows remote attackers t |
| 8268 | CVE-2025-0053 | | 33.1 | 5.3 | | SAP NetWeaver Application Server for ABAP and ABAP Platform contains an information disclosure vulne |
| 8269 | CVE-2024-38291 | | 33.1 | 8.8 | | This vulnerability in Extreme Networks XIQ-SE allows low-privileged users to access administrator pa |
| 8270 | CVE-2024-32838 | | 33.1 | 8.8 | | This SQL injection vulnerability in Apache Fineract allows authenticated attackers to inject malicio |
| 8271 | CVE-2025-1165 | | 33.1 | 7.3 | | This critical vulnerability in Lumsoft ERP 8 allows remote attackers to upload arbitrary files witho |
| 8272 | CVE-2025-1912 | | 33.0 | 7.6 | | This Server-Side Request Forgery (SSRF) vulnerability in the Product Import Export for WooCommerce p |
| 8273 | CVE-2025-30214 | | 33.1 | 7.5 | | This vulnerability in Frappe framework allows attackers to make crafted requests that disclose sensi |
| 8274 | CVE-2024-13923 | | 33.0 | 7.6 | | This vulnerability allows authenticated WordPress administrators to perform Server-Side Request Forg |
| 8275 | CVE-2025-0330 | | 33.1 | 7.5 | | This vulnerability in berriai/litellm's proxy server leaks Langfuse API keys when team settings pars |
| 8276 | CVE-2024-12217 | | 33.0 | 5.3 | | This vulnerability in the gradio-app/gradio repository allows attackers to bypass file access restri |
| 8277 | CVE-2024-10321 | | 33.0 | 4.3 | | This vulnerability in the WidgetKit plugin for WordPress allows authenticated users with Contributor |
| 8278 | CVE-2025-2066 | | 33.0 | 7.3 | | This critical SQL injection vulnerability in Life Insurance Management System 1.0 allows attackers t |
| 8279 | CVE-2025-2062 | | 33.0 | 7.3 | | A critical SQL injection vulnerability in Life Insurance Management System 1.0 allows attackers to m |
| 8280 | CVE-2025-1959 | | 33.0 | 7.3 | | A critical SQL injection vulnerability exists in Codezips Gym Management System 1.0, specifically in |
| 8281 | CVE-2025-25948 | | 33.0 | 9.1 | | This vulnerability allows unauthenticated attackers to create and modify user accounts, including Ad |
| 8282 | CVE-2025-2817 | | 33.1 | 8.8 | | This vulnerability allows a medium-integrity user process to interfere with Thunderbird's SYSTEM-lev |
| 8283 | CVE-2025-39383 | | 33.0 | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 8284 | CVE-2025-31285 | | 33.1 | 4.6 | | A broken access control vulnerability in Trend Vision One allowed administrators to create users who |
| 8285 | CVE-2025-31283 | | 33.1 | 4.6 | | A broken access control vulnerability in Trend Vision One User Roles allowed administrators to creat |
| 8286 | CVE-2025-31234 | | 33.0 | 8.2 | | This CVE describes a memory corruption vulnerability in Apple operating systems that could allow an |
| 8287 | CVE-2025-29521 | | 33.1 | 5.3 | | D-Link DSL-7740C routers with vulnerable firmware have insecure default credentials for the Administ |
| 8288 | CVE-2025-7813 | | 33.1 | 7.2 | | This vulnerability allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) at |
| 8289 | CVE-2025-52194 | | 33.1 | 7.5 | | A buffer overflow vulnerability in libsndfile allows attackers to execute arbitrary code by tricking |
| 8290 | CVE-2025-44960 | | 33.0 | 8.5 | | CVE-2025-44960 is an OS command injection vulnerability in RUCKUS SmartZone (SZ) network management |
| 8291 | CVE-2013-10072 | | 33.1 | 6.5 | | Nagios XI versions before 2012R1.6 have an authorization flaw in Auto-Discovery functionality. Users |
| 8292 | CVE-2025-59043 | | 33.0 | 7.5 | | OpenBao versions before 2.4.1 have a memory exhaustion vulnerability where specially crafted JSON pa |
| 8293 | CVE-2025-13446 | | 33.1 | 8.8 | | This vulnerability in Tenda AC21 routers allows remote attackers to execute arbitrary code via a sta |
| 8294 | CVE-2025-60718 | | 33.0 | 7.8 | | This vulnerability in Windows Administrator Protection allows an authenticated attacker to exploit a |
| 8295 | CVE-2025-59511 | | 33.0 | 7.8 | | This vulnerability in Windows WLAN Service allows an authenticated attacker to manipulate file paths |
| 8296 | CVE-2025-66524 | | 33.1 | 8.8 | | This vulnerability allows remote code execution on Apache NiFi systems through unsafe Java deseriali |
| 8297 | CVE-2025-40362 | | 33.1 | N/A | | A Linux kernel Ceph filesystem vulnerability allows users to bypass intended access controls in mult |
| 8298 | CVE-2025-60786 | | 33.1 | 8.8 | | A Zip Slip vulnerability in iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code by |
| 8299 | CVE-2025-66575 | | 33.1 | 7.8 | | CVE-2025-66575 is an unquoted service path vulnerability in VeeVPN 1.6.1 that allows attackers to ex |
| 8300 | CVE-2026-24411 | | 33.0 | 7.1 | | CVE-2026-24411 is an undefined behavior vulnerability in iccDEV's CIccTagXmlSegmentedCurve::ToXml() |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Scores range from 0 to 1 and are republished daily, so a stored score goes stale quickly. The accompanying percentile is the proportion of all scored CVEs with an EPSS score at or below the given one, which is why a CVE can have a tiny probability and still sit at the 33rd percentile. Unlike CVSS, which measures the severity of a vulnerability if it is exploited, EPSS measures the likelihood that it will be, which makes it the better first sort key when deciding what to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. EPSS is a prediction, not evidence: a CVE already on an exploited-in-the-wild list such as CISA KEV should outrank any predicted score, and a CVE with no EPSS entry yet (a freshly published ID) should be flagged as unscored rather than treated as low risk.
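The prioritization rule above, as an added example that is not code from this page's vendor or from FIRST. It assumes the layout of FIRST's daily `epss_scores-YYYY-MM-DD.csv` feed (a `#` metadata line carrying `model_version` and `score_date`, then a `cve,epss,percentile` header); the CVE IDs, scores, CVSS values and the stand-in KEV set are constructed for the demonstration.

```python
"""Rank findings by EPSS (likelihood) with CVSS only as the tie-breaker.

Added example, not the page's or FIRST's code. Assumes the layout of FIRST's
daily epss_scores-YYYY-MM-DD.csv: one '#' metadata line, then cve,epss,percentile.
"""
from __future__ import annotations

import csv
from dataclasses import dataclass
from typing import Optional

# Constructed sample in that layout; the IDs and numbers are made up.
SAMPLE_EPSS_CSV = """#model_version:v2025.03.14,score_date:2026-01-15T00:00:00+0000
cve,epss,percentile
CVE-2099-0001,0.90000,0.99800
CVE-2099-0002,0.00100,0.45000
CVE-2099-0003,0.00060,0.33200
CVE-2099-0004,0.15000,0.97000
"""

# Constructed stand-in for the CISA Known Exploited Vulnerabilities catalog.
SAMPLE_KEV = frozenset({"CVE-2099-0004"})


@dataclass(frozen=True)
class EpssScore:
    epss: float        # P(exploitation activity in the next 30 days), 0..1
    percentile: float  # share of scored CVEs with an EPSS at or below this one, 0..1


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float        # CVSS base score from the scanner


# Constructed scanner output, deliberately ordered by CVSS to show the reorder.
SAMPLE_FINDINGS = [
    Finding("CVE-2099-0002", 9.8),   # critical severity, negligible EPSS
    Finding("CVE-2099-0004", 8.8),   # in KEV
    Finding("CVE-2099-0001", 7.5),   # high severity, 90% EPSS
    Finding("CVE-2099-0003", 6.1),
    Finding("CVE-2099-0005", 5.3),   # not in the feed at all
]


def parse_epss_csv(text: str) -> tuple[dict[str, str], dict[str, EpssScore]]:
    """Return (feed metadata, {cve: EpssScore}) from the daily CSV text."""
    lines = text.splitlines()
    meta: dict[str, str] = {}
    if lines and lines[0].startswith("#"):
        for item in lines.pop(0).lstrip("#").split(","):
            key, _, value = item.partition(":")  # split on the first ':' only; the date has more
            meta[key.strip()] = value.strip()
    scores: dict[str, EpssScore] = {}
    for row in csv.DictReader(lines):
        scores[row["cve"]] = EpssScore(float(row["epss"]), float(row["percentile"]))
    return meta, scores


def tier(f: Finding, score: Optional[EpssScore], kev: frozenset, threshold: float) -> str:
    if f.cve in kev:
        return "kev"            # confirmed exploitation beats any prediction
    if score is None:
        return "unscored"       # never silently treat a missing score as 0
    if score.epss >= threshold:
        return "exploit-likely"
    return "watch"


def prioritize(findings, scores, kev=SAMPLE_KEV, threshold=0.1):
    """Sort by KEV membership, then EPSS, then CVSS; return (cve, tier) pairs."""
    def sort_key(f: Finding):
        s = scores.get(f.cve)
        return (f.cve in kev, s.epss if s else 0.0, f.cvss)
    ranked = sorted(findings, key=sort_key, reverse=True)
    return [(f.cve, tier(f, scores.get(f.cve), kev, threshold)) for f in ranked]


def expected_exploited(findings, scores) -> float:
    """EPSS values are probabilities, so their sum over a set of findings is the
    expected number of those CVEs to see exploitation activity in 30 days."""
    return sum(scores[f.cve].epss for f in findings if f.cve in scores)


if __name__ == "__main__":
    meta, scores = parse_epss_csv(SAMPLE_EPSS_CSV)
    print("model", meta["model_version"], "scored", meta["score_date"])
    print("CVSS order:", [f.cve for f in sorted(SAMPLE_FINDINGS, key=lambda f: f.cvss, reverse=True)])
    print("EPSS order:", prioritize(SAMPLE_FINDINGS, scores))
    print(f"expected exploited in 30 days: {expected_exploited(SAMPLE_FINDINGS, scores):.2f}")
```

The CVSS 9.8 finding drops from first to third once likelihood is the primary key, the KEV entry goes to the top regardless of its EPSS, and the CVE absent from the feed is surfaced as `unscored` rather than buried as a zero. The `score_date` from the metadata line is worth keeping with the results so a reviewer can tell how old the prediction is.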