Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID          EPSS   Percentile  CVSS  Summary
8551  CVE-2024-34520  0.13%  32.2        8.8   An authorization bypass vulnerability in Mavenir SCE Application Provisioning Portal allows authenti
8552  CVE-2025-1796   0.13%  32.2        8.8   This vulnerability in langgenius/dify v0.10.1 allows attackers to predict password reset codes due t
8553  CVE-2024-47067  0.13%  32.2        6.1   AList file management software contains a reflected cross-site scripting vulnerability where user in
8554  CVE-2025-25426  0.13%  32.1        7.2   CVE-2025-25426 is an SQL injection vulnerability in yshopmall's image listing interface that allows
8555  CVE-2025-1901   0.13%  32.2        7.3   This critical SQL injection vulnerability in PHPGurukul Restaurant Table Booking System 1.0 allows a
8556  CVE-2025-3571   0.13%  32.2        6.3   This critical SQL injection vulnerability in Fannuo Enterprise Content Management System allows remo
8557  CVE-2025-1073   0.13%  32.3        7.5   This vulnerability allows attackers with physical access to load unauthorized firmware onto Panasoni
8558  CVE-2025-3382   0.13%  32.2        6.3   This critical SQL injection vulnerability in joey-zhou's xiaozhi-esp32-server-java allows remote att
8559  CVE-2025-3158   0.13%  32.2        5.3   A critical heap-based buffer overflow vulnerability exists in Assimp's LWO file handler. Attackers c
8560  CVE-2025-39358  0.13%  32.2        8.8   This vulnerability allows attackers to inject malicious objects through deserialization of untrusted
8561  CVE-2025-49702  0.13%  32.2        7.8   A type confusion vulnerability in Microsoft Office allows attackers to execute arbitrary code on vul
8562  CVE-2025-49691  0.13%  32.2        8.0   A heap-based buffer overflow vulnerability in Windows Media allows attackers on the same network to
8563  CVE-2025-53763  0.13%  32.3        9.8   An improper access control vulnerability in Azure Databricks allows unauthorized attackers to elevat
8564  CVE-2025-25007  0.13%  32.3        5.3   This vulnerability in Microsoft Exchange Server allows unauthorized attackers to perform spoofing at
8565  CVE-2025-40759  0.13%  32.3        7.8   This vulnerability in Siemens TIA Portal and related software allows attackers to execute arbitrary
8566  CVE-2025-54879  0.13%  32.2        5.3   This vulnerability allows attackers to bypass email confirmation rate limits in Mastodon by rotating
8567  CVE-2025-8517   0.13%  32.3        6.3   This CVE describes a session fixation vulnerability in givanz Vvveb CMS version 1.0.6.1 that allows
8568  CVE-2025-10225  0.13%  32.3        7.5   A memory buffer vulnerability in AxxonSoft Axxon One's OpenSSL session module allows remote attacker
8569  CVE-2025-55087  0.13%  32.2        7.5   This vulnerability in NextX Duo's SNMP addon allows attackers to trigger an out-of-bounds read via s
8570  CVE-2025-53717  0.13%  32.2        7.0   This vulnerability in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attac
8571  CVE-2025-61766  0.13%  32.2        6.5   The Bucket MediaWiki extension prior to version 1.0.0 contains an infinite recursion vulnerability w
8572  CVE-2025-54167  0.13%  32.3        N/A   This cross-site scripting (XSS) vulnerability in QNAP Notification Center allows attackers with admi
8573  CVE-2025-15179  0.13%  32.1        7.2   A stack-based buffer overflow vulnerability in Tenda WH450 router firmware version 1.0.0.18 allows r
8574  CVE-2025-15178  0.13%  32.1        7.2   This vulnerability in Tenda WH450 routers allows remote attackers to execute arbitrary code via a st
8575  CVE-2025-15177  0.13%  32.1        7.2   A stack-based buffer overflow vulnerability in Tenda WH450 router firmware version 1.0.0.18 allows r
8576  CVE-2025-68665  0.13%  32.3        8.6   This vulnerability allows attackers to inject malicious serialized objects into LangChain applicatio
8577  CVE-2025-63391  0.13%  32.3        7.5   An authentication bypass vulnerability in Open-WebUI's /api/config endpoint allows unauthenticated r
8578  CVE-2025-14748  0.13%  32.2        5.4   This vulnerability in Ningyuanda TC155 57.0.2.0 allows attackers on the local network to perform una
8579  CVE-2025-64671  0.13%  32.2        8.4   This command injection vulnerability in Copilot allows unauthorized attackers to execute arbitrary c
8580  CVE-2023-53817  0.13%  32.3        N/A   A NULL pointer dereference vulnerability in the Linux kernel's mpi_cmp_ui() function allows remote a
8581  CVE-2025-12097  0.13%  32.2        7.5   A relative path traversal vulnerability in NI System Web Server allows attackers to read arbitrary f
8582  CVE-2025-12385  0.13%  32.3        N/A   This CVE describes a resource allocation vulnerability in Qt's Text component where improper validat
8583  CVE-2026-23830  0.13%  32.2        10.0  SandboxJS versions before 0.8.26 have a critical sandbox escape vulnerability that allows attackers
8584  CVE-2026-22402  0.13%  32.3        7.5   This CVE describes a PHP Local File Inclusion vulnerability in the Triply WordPress theme by pavothe
8585  CVE-2025-68913  0.13%  32.3        7.5   This CVE describes a PHP Local File Inclusion vulnerability in the Miion WordPress theme by zozothem
8586  CVE-2025-68905  0.13%  32.3        7.5   This CVE describes a PHP Local File Inclusion vulnerability in the JNews - Pay Writer WordPress plug
8587  CVE-2025-63017  0.13%  32.3        7.5   This vulnerability allows attackers to include local files on the server through improper filename c
8588  CVE-2025-62156  0.13%  32.2        8.1   Argo Workflows contains a Zip Slip path traversal vulnerability in artifact extraction that allows a
8589  CVE-2025-62852  0.13%  32.2        6.5   A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator
8590  CVE-2025-53597  0.13%  32.2        6.5   A buffer overflow vulnerability in QNAP License Center allows authenticated administrators to modify
8591  CVE-2025-48721  0.13%  32.2        6.5   A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator
8592  CVE-2025-53593  0.13%  32.2        6.5   A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator
8593  CVE-2026-25027  0.13%  32.3        7.5   This CVE describes a PHP Local File Inclusion vulnerability in the Unicamp WordPress theme. Attacker
8594  CVE-2024-54263  0.13%  32.3        7.5   This CVE describes a PHP Local File Inclusion vulnerability in the Talemy Spirit Framework WordPress
8595  CVE-2025-24665  0.13%  32          9.3   This SQL injection vulnerability in Eniture Technology's Small Package Quotes – Unishippers Editio
8596  CVE-2025-24664  0.13%  32          9.3   This SQL injection vulnerability in the Eniture Technology LTL Freight Quotes WordPress plugin allow
8597  CVE-2025-0693   0.13%  32          5.3   This vulnerability in AWS Sign-in allows attackers to use timing differences in IAM user login respo
8598  CVE-2025-23931  0.13%  32          9.3   This SQL injection vulnerability in the WordPress Local SEO plugin allows attackers to execute arbit
8599  CVE-2025-22553  0.13%  32          9.3   This SQL injection vulnerability in the WordPress Multiple Carousel plugin allows attackers to execu
8600  CVE-2025-0564   0.13%  32.1        7.3   CVE-2025-0564 is a critical SQL injection vulnerability in Fantasy-Cricket 1.0's authentication comp

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A CVSS 9.8 (critical) vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 (high) vulnerability with 90% EPSS.
