Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 8251 | CVE-2025-43493 | | 12.2th | 4.3 | | This CVE describes an address bar spoofing vulnerability in Apple web browsers. Visiting a malicious |
| 8252 | CVE-2025-55740 | | 12.2th | 6.5 | | This CVE describes a configuration vulnerability in nginx-defender where default administrative cred |
| 8253 | CVE-2025-5013 | | 12.1th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the search functionality of HkC |
| 8254 | CVE-2025-65503 | | 12.1th | 5.5 | | A use-after-free vulnerability in Redboltz async_mqtt 10.2.5 allows local users to cause denial of s |
| 8255 | CVE-2024-57386 | | 12.3th | 6.1 | | A cross-site scripting (XSS) vulnerability in Wallos v2.41.0 allows remote attackers to inject malic |
| 8256 | CVE-2025-69224 | | 12.4th | 6.5 | | CVE-2025-69224 is a request smuggling vulnerability in AIOHTTP's Python HTTP parser that occurs when |
| 8257 | CVE-2025-64471 | | 12.1th | 4.9 | | This vulnerability allows unauthenticated attackers to bypass authentication on FortiWeb web applica |
| 8258 | CVE-2025-62249 | | 12.2th | 6.1 | | A reflected cross-site scripting (XSS) vulnerability in Liferay Portal and DXP allows remote unauthe |
| 8259 | CVE-2025-25236 | | 12.2th | 5.3 | | Omnissa Workspace ONE UEM has an observable response discrepancy vulnerability that allows attackers |
| 8260 | CVE-2024-30146 | | 12.3th | 4.1 | | This vulnerability allows certain administrative users in HCL Domino Leap to import applications fro |
| 8261 | CVE-2025-62430 | | 12.1th | 5.4 | | ClipBucket v5 through build 5.5.2 #145 has stored cross-site scripting (XSS) vulnerabilities in vide |
| 8262 | CVE-2025-64137 | | 12.3th | 4.3 | | The Jenkins Themis Plugin 1.4.1 and earlier contains a missing permission check vulnerability that a |
| 8263 | CVE-2025-69230 | | 12.4th | 5.3 | | This vulnerability in AIOHTTP allows attackers to trigger excessive warning-level logging by sending |
| 8264 | CVE-2025-34281 | | 12.2th | 5.4 | | This CVE describes a stored cross-site scripting (XSS) vulnerability in ThingsBoard's Image Gallery |
| 8265 | CVE-2025-59116 | | 12.2th | 5.3 | | Windu CMS version 4.1 is vulnerable to user enumeration during login, allowing attackers to determin |
| 8266 | CVE-2025-30556 | | 12.2th | 4.3 | | A Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Fix Rss Feeds plugin allows attac |
| 8267 | CVE-2025-60187 | | 12.2th | 4.8 | | This vulnerability allows attackers to upload malicious files to WordPress sites using the Atarim Vi |
| 8268 | CVE-2025-12440 | | 12.3th | 5.3 | | This vulnerability in Google Chrome's Autofill feature allows a remote attacker to potentially extra |
| 8269 | CVE-2025-67231 | | 12.1th | 5.9 | | A reflected cross-site scripting (XSS) vulnerability in ToDesktop Builder v0.33.1 allows attackers t |
| 8270 | CVE-2025-62779 | | 12.1th | 5.4 | | Frappe Learning versions 2.39.1 and earlier contain a cross-site scripting (XSS) vulnerability where |
| 8271 | CVE-2025-62126 | | 12.3th | 5.3 | | This vulnerability in the Varnish/Nginx Proxy Caching WordPress plugin allows attackers to retrieve |
| 8272 | CVE-2025-10532 | | 12.3th | 6.5 | | This vulnerability involves incorrect boundary conditions in Firefox and Thunderbird's JavaScript ga |
| 8273 | CVE-2025-9107 | | 12.3th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the Portabilis i-Diario web app |
| 8274 | CVE-2026-21970 | | 12.2th | 6.5 | | This vulnerability in Oracle Life Sciences Central Designer allows authenticated attackers with low |
| 8275 | CVE-2025-63513 | | 12.3th | 6.5 | | Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in appoin |
| 8276 | CVE-2024-49794 | | 12.1th | 4.3 | | IBM ApplinX 11.1 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to |
| 8277 | CVE-2026-25491 | | 12.2th | 4.8 | | CVE-2026-25491 is a stored cross-site scripting (XSS) vulnerability in Craft CMS that allows attacke |
| 8278 | CVE-2025-32100 | | 12.2th | 6.5 | | A buffer overflow vulnerability in Samsung Exynos processors allows attackers to execute arbitrary c |
| 8279 | CVE-2025-25735 | | 12.3th | 4.6 | | This vulnerability allows attackers with software access on Kapsch TrafficCom RIS-9160 and RIS-9260 |
| 8280 | CVE-2026-21978 | | 12.2th | 6.5 | | This vulnerability in Oracle FLEXCUBE Universal Banking allows authenticated attackers with low priv |
| 8281 | CVE-2025-5998 | | 12.3th | 6.5 | | The PPWP WordPress plugin before version 1.9.11 has an authorization bypass vulnerability where user |
| 8282 | CVE-2025-53284 | | 12.2th | 6.5 | | This CVE describes a missing authorization vulnerability in the pankaj.sakaria CMS Blocks WordPress |
| 8283 | CVE-2025-9489 | | 12.3th | 5.0 | | The WP-Members Membership Plugin for WordPress has a vulnerability that allows authenticated users w |
| 8284 | CVE-2026-0888 | | 12.3th | 5.3 | | This CVE describes an information disclosure vulnerability in the XML component of Firefox and Thund |
| 8285 | CVE-2025-66458 | | 12.2th | 6.1 | | This Cross-Site Scripting (XSS) vulnerability in Lookyloo allows attackers to inject malicious JavaS |
| 8286 | CVE-2025-66460 | | 12.2th | 6.1 | | Lookyloo versions before 1.35.3 contain a cross-site scripting (XSS) vulnerability where improperly |
| 8287 | CVE-2025-65296 | | 12.2th | 6.5 | | A NULL-pointer dereference vulnerability in Aqara smart home hubs allows attackers to cause denial-o |
| 8288 | CVE-2026-2179 | | 12.4th | 4.7 | | This CVE describes a SQL injection vulnerability in PHPGurukul Hospital Management System 4.0, speci |
| 8289 | CVE-2026-0653 | | 12.2th | 6.5 | | This vulnerability allows guest-level authenticated users on TP-Link Tapo C260 v1 cameras to bypass |
| 8290 | CVE-2025-7864 | | 12.2th | 6.3 | | This critical vulnerability in JeeSite allows attackers to upload arbitrary files without proper res |
| 8291 | CVE-2025-5885 | | 12.3th | 4.3 | | This vulnerability allows attackers to perform cross-site request forgery (CSRF) attacks against Kon |
| 8292 | CVE-2025-10185 | | 12.2th | 4.9 | | This SQL injection vulnerability in the NEX-Forms WordPress plugin allows authenticated attackers wi |
| 8293 | CVE-2024-9055 | | 12.1th | 4.2 | | Silicon Labs Series 2 devices have insufficient DPA countermeasures that fail to periodically reseed |
| 8294 | CVE-2025-62979 | | 12.2th | 5.3 | | This vulnerability in the ACF to REST API WordPress plugin exposes sensitive data embedded in Advanc |
| 8295 | CVE-2025-64351 | | 12.1th | 4.3 | | This vulnerability in Rank Math SEO WordPress plugin exposes sensitive embedded data that could be r |
| 8296 | CVE-2025-34247 | | 12.2th | 6.5 | | Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the NetworksC |
| 8297 | CVE-2025-8174 | | 12.3th | 6.3 | | This critical vulnerability in code-projects Voting System 1.0 allows remote attackers to upload arb |
| 8298 | CVE-2025-66126 | | 12.3th | 5.3 | | This vulnerability in the WordPress Fix Media Library plugin allows attackers to retrieve embedded s |
| 8299 | CVE-2025-65012 | | 12.1th | 5.4 | | This is a stored cross-site scripting (XSS) vulnerability in Kirby CMS where attackers with Panel ac |
| 8300 | CVE-2025-31227 | | 12.3th | 4.6 | | This vulnerability allows attackers with physical access to an iOS/iPadOS device to recover deleted |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it ideal for prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.