Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 8301 | CVE-2026-24407 | | 33.0 | 7.1 | | CVE-2026-24407 is an undefined behavior vulnerability in iccDEV's icSigCalcOp() function that allows |
| 8302 | CVE-2025-46066 | | 33.1 | 9.9 | | A privilege escalation vulnerability in Automai Director v.25.2.0 allows remote attackers to gain el |
| 8303 | CVE-2025-67070 | | 33.0 | 8.2 | | This vulnerability allows unauthenticated attackers to bypass multi-factor authentication during pas |
| 8304 | CVE-2025-66786 | | 33.0 | 7.5 | | OpenAirInterface CN5G AMF versions up to v2.0.1 contain a logical error in JSON request processing t |
| 8305 | CVE-2025-67269 | | 33.1 | 7.5 | | An integer underflow vulnerability in gpsd's NAVCOM packet parser causes a denial of service conditi |
| 8306 | CVE-2025-14998 | | 33.0 | 9.8 | | The Branda WordPress plugin has an authentication bypass vulnerability that allows unauthenticated a |
| 8307 | CVE-2026-1685 | | 33.1 | 3.7 | | This vulnerability in D-Link DIR-823X routers allows attackers to bypass authentication attempt limi |
| 8308 | CVE-2024-57036 | | 32.9 | 8.1 | | This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A810R routers b |
| 8309 | CVE-2024-23106 | | 33.0 | 8.1 | | This vulnerability allows unauthenticated attackers to perform brute force attacks against the Forti |
| 8310 | CVE-2023-47692 | | 32.9 | 4.3 | | This CVE describes a Missing Authorization vulnerability in Flothemes Flo Forms WordPress plugin tha |
| 8311 | CVE-2023-46612 | | 32.9 | 4.3 | | This CVE describes a Missing Authorization vulnerability in the codedrafty Mediabay WordPress plugin |
| 8312 | CVE-2023-45110 | | 32.9 | 4.3 | | This CVE describes a missing authorization vulnerability in the Bold Timeline Lite WordPress plugin |
| 8313 | CVE-2025-0728 | | 32.9 | 7.5 | | An integer underflow vulnerability in NetX HTTP server functionality of Eclipse ThreadX NetX Duo all |
| 8314 | CVE-2025-0727 | | 32.9 | 7.5 | | An integer underflow vulnerability in NetX HTTP server functionality of Eclipse ThreadX NetX Duo all |
| 8315 | CVE-2025-0726 | | 32.9 | 7.5 | | A denial-of-service vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to exha |
| 8316 | CVE-2023-51327 | | 32.9 | 6.5 | | This vulnerability allows attackers to send excessive password reset emails to legitimate users by e |
| 8317 | CVE-2024-56473 | | 32.9 | 5.3 | | IBM Aspera Shares versions 1.9.0 through 1.10.0 PL6 improperly validate 'Client-IP' headers, allowin |
| 8318 | CVE-2025-0510 | | 32.9 | 6.5 | | Thunderbird email client displays incorrect sender addresses when emails use invalid group name synt |
| 8319 | CVE-2024-49838 | | 32.9 | 8.2 | | This vulnerability allows attackers to read sensitive memory contents when parsing malformed OCI (Or |
| 8320 | CVE-2025-25709 | | 33.0 | 7.5 | | A privilege escalation vulnerability in dtp.ae tNexus Airport View v2.8 allows remote attackers to g |
| 8321 | CVE-2024-45651 | | 33.0 | 6.3 | | IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0 fail to properly invalidat |
| 8322 | CVE-2025-22089 | | 33.0 | 5.5 | | A Linux kernel vulnerability in the RDMA subsystem allows exposure of hardware counters to non-initi |
| 8323 | CVE-2025-30653 | | 32.9 | 6.5 | | An expired pointer dereference vulnerability in Juniper's Routing Protocol Daemon (rpd) allows adjac |
| 8324 | CVE-2025-30648 | | 32.9 | 7.4 | | An unauthenticated adjacent attacker can send a malformed DHCP packet to crash the Juniper DHCP daem |
| 8325 | CVE-2025-30646 | | 32.9 | 6.5 | | A signed-to-unsigned conversion error in Juniper's Layer 2 Control Protocol daemon (l2cpd) allows an |
| 8326 | CVE-2025-2513 | | 32.9 | 6.4 | | The Smart Icons For WordPress plugin versions up to 1.0.4 contain a stored cross-site scripting vuln |
| 8327 | CVE-2025-31751 | | 32.9 | 6.5 | | A Cross-Site Request Forgery (CSRF) vulnerability in the Breaking News WP WordPress plugin allows at |
| 8328 | CVE-2025-1907 | | 32.9 | 9.8 | | Instantel Micromate devices have an unauthenticated configuration port that allows attackers to exec |
| 8329 | CVE-2025-5277 | | 32.9 | 9.6 | | CVE-2025-5277 is a command injection vulnerability in aws-mcp-server that allows attackers to execut |
| 8330 | CVE-2025-41653 | | 33.0 | 7.5 | | An unauthenticated remote attacker can cause denial-of-service by sending specially crafted HTTP req |
| 8331 | CVE-2025-4843 | | 32.9 | 8.8 | | A critical stack-based buffer overflow vulnerability in D-Link DCS-932L IP cameras allows remote att |
| 8332 | CVE-2025-4841 | | 32.9 | 8.8 | | A critical stack-based buffer overflow vulnerability exists in D-Link DCS-932L IP cameras running fi |
| 8333 | CVE-2025-26262 | | 32.9 | 6.5 | | This vulnerability in Linux Malware Detect (LMD) allows attackers to escalate privileges and execute |
| 8334 | CVE-2025-46337 | | 33.0 | 10.0 | | This is a critical SQL injection vulnerability in ADOdb PHP database library affecting PostgreSQL co |
| 8335 | CVE-2025-6169 | | 32.9 | 9.8 | | CVE-2025-6169 is a critical SQL injection vulnerability in HAMASTAR Technology's WIMP website co-con |
| 8336 | CVE-2025-4138 | | 33.0 | 7.5 | | This vulnerability in Python's tarfile module allows attackers to bypass extraction filters, enablin |
| 8337 | CVE-2025-30751 | | 32.9 | 8.8 | | This vulnerability in Oracle Database allows attackers with low privileges (Create Session and Creat |
| 8338 | CVE-2025-9132 | | 33.0 | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code or cause denial of service thro |
| 8339 | CVE-2025-11091 | | 32.9 | 8.8 | | A buffer overflow vulnerability exists in Tenda AC21 routers through firmware version 16.03.08.16. A |
| 8340 | CVE-2025-7040 | | 32.9 | 8.2 | | The Cloud SAML SSO WordPress plugin has a missing capability check that allows unauthenticated attac |
| 8341 | CVE-2025-12285 | | 32.9 | 9.8 | | CVE-2025-12285 is a missing initial password change vulnerability affecting BLU-IC2 and BLU-IC4 devi |
| 8342 | CVE-2025-61935 | | 32.9 | 7.5 | | This vulnerability allows attackers to cause denial of service by sending specific requests to BIG-I |
| 8343 | CVE-2025-60016 | | 32.9 | 7.5 | | This vulnerability in F5 BIG-IP systems causes a denial of service when specific ECC Brainpool curve |
| 8344 | CVE-2025-59778 | | 32.9 | 7.5 | | This vulnerability in F5OS-C partition control plane allows undisclosed traffic to cause multiple co |
| 8345 | CVE-2025-59478 | | 32.9 | 7.5 | | A vulnerability in BIG-IP AFM DoS protection profiles allows specially crafted requests to crash the |
| 8346 | CVE-2025-58096 | | 32.9 | 7.5 | | A configuration-specific vulnerability in F5 BIG-IP systems where setting the tm.tcpudptxchecksum da |
| 8347 | CVE-2025-55036 | | 32.9 | 7.5 | | A memory corruption vulnerability in BIG-IP SSL Orchestrator's explicit forward proxy when proxy con |
| 8348 | CVE-2025-54854 | | 32.9 | 7.5 | | This vulnerability allows attackers to cause denial of service by sending specific traffic to BIG-IP |
| 8349 | CVE-2025-54479 | | 32.9 | 7.5 | | This vulnerability in F5 BIG-IP systems allows remote attackers to cause denial of service by sendin |
| 8350 | CVE-2025-53521 | | 32.9 | 7.5 | | This vulnerability in BIG-IP APM allows undisclosed traffic to cause TMM (Traffic Management Microke |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first. The percentile shown alongside the score places a CVE relative to every other scored CVE: a CVE at the 33rd percentile has a higher EPSS probability than roughly a third of all scored CVEs.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
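The prioritization described above, worked through in code. This is an added example, not code from this page or from FIRST.org: it parses the response format of the public EPSS API at https://api.first.org/data/v1/epss (the `data` array with string-valued `epss` and `percentile` fields), joins it with CVSS scores from a scanner inventory, and orders CVEs by EPSS probability first and CVSS second. The sample response and CVSS map are constructed to mirror the comparison in the paragraph (a CVSS 9.8 at 0.1% EPSS versus a CVSS 7.5 at 90%); the CVE identifiers in them are placeholders, not real CVEs, and the `fetch_epss` helper is the only part that touches the network.

```python
"""Rank CVEs by EPSS probability instead of CVSS alone (added example)."""
import json
import urllib.parse
import urllib.request

EPSS_API = "https://api.first.org/data/v1/epss"

# Constructed sample in the API's response format. The API returns "epss" and
# "percentile" as strings holding fractions in 0..1, not as numbers. The CVE
# ids below are placeholders, not real CVEs.
SAMPLE_RESPONSE = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "access": "public",
    "total": 3, "offset": 0, "limit": 100,
    "data": [
        {"cve": "CVE-2099-0001", "epss": "0.00100", "percentile": "0.35000", "date": "2099-01-01"},
        {"cve": "CVE-2099-0002", "epss": "0.90000", "percentile": "0.99800", "date": "2099-01-01"},
        {"cve": "CVE-2099-0003", "epss": "0.04000", "percentile": "0.88000", "date": "2099-01-01"},
    ],
})

# CVSS base scores as a scanner inventory would report them (constructed).
# CVE-2099-0004 is deliberately absent from the EPSS response above.
SAMPLE_CVSS = {
    "CVE-2099-0001": 9.8,
    "CVE-2099-0002": 7.5,
    "CVE-2099-0003": 5.3,
    "CVE-2099-0004": 6.1,
}


def build_query_url(cve_ids):
    """URL for a batched lookup; the API accepts a comma-separated list of CVE ids."""
    return EPSS_API + "?" + urllib.parse.urlencode({"cve": ",".join(cve_ids)})


def fetch_epss(cve_ids, timeout=10):
    """Live lookup over the network; returns the raw JSON text. Not exercised offline."""
    with urllib.request.urlopen(build_query_url(cve_ids), timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def parse_epss(response_text):
    """Map cve -> (epss_probability, percentile) as floats, rejecting error responses."""
    body = json.loads(response_text)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API error: {body.get('status')}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in body["data"]}


def prioritize(epss, cvss, min_epss=0.0):
    """Order CVEs by EPSS probability, then CVSS as a tie-breaker.

    Returns (cve, epss, percentile, cvss) tuples, most likely to be exploited
    first. CVEs the EPSS feed does not know get probability 0.0 so they sink to
    the bottom instead of silently dropping out of the patch list. min_epss
    filters out anything below a chosen probability threshold.
    """
    rows = []
    for cve, score in cvss.items():
        prob, pct = epss.get(cve, (0.0, 0.0))
        if prob >= min_epss:
            rows.append((cve, prob, pct, score))
    rows.sort(key=lambda r: (r[1], r[3]), reverse=True)
    return rows


def patch_order(response_text=SAMPLE_RESPONSE, cvss=SAMPLE_CVSS, min_epss=0.0):
    """Convenience wrapper: parse a response and return CVE ids in patch order."""
    return [row[0] for row in prioritize(parse_epss(response_text), cvss, min_epss)]


if __name__ == "__main__":
    for cve, prob, pct, score in prioritize(parse_epss(SAMPLE_RESPONSE), SAMPLE_CVSS):
        print(f"{cve}  EPSS={prob:.3%}  percentile={pct:.1%}  CVSS={score}")
```

Run against the constructed sample, the CVSS 7.5 entry at 90% EPSS comes out ahead of the CVSS 9.8 entry at 0.1%, and the CVE missing from the EPSS feed lands last rather than vanishing. To use live data, pass the output of `fetch_epss(list(cvss.keys()))` to `parse_epss` in place of `SAMPLE_RESPONSE`.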