Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 8651 | CVE-2025-8752 | | 32.1th | 7.3 | | This critical vulnerability in wangzhixuan's spring-shiro-training allows remote attackers to execut |
| 8652 | CVE-2025-48913 | | 32.1th | 9.8 | | This vulnerability in Apache CXF allows untrusted users who can configure JMS endpoints to use RMI o |
| 8653 | CVE-2025-59823 | | 32th | 9.9 | | This CVE describes a code injection vulnerability in Gardener Extensions for AWS, Azure, OpenStack, |
| 8654 | CVE-2025-55551 | | 32th | 7.5 | | A vulnerability in PyTorch's torch.linalg.lu component allows attackers to trigger a Denial of Servi |
| 8655 | CVE-2025-12741 | | 32.1th | N/A | | A Looker user with Developer role can exploit a Denodo driver vulnerability by manipulating LookML t |
| 8656 | CVE-2025-12740 | | 32.1th | N/A | | A Looker vulnerability allows users with Developer roles to execute malicious commands by manipulati |
| 8657 | CVE-2025-15391 | | 32th | 6.3 | | This CVE describes a remote command injection vulnerability in D-Link DIR-806A routers via the SSDP |
| 8658 | CVE-2025-15357 | | 32th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DI-7400G+ routers that allows remote |
| 8659 | CVE-2025-67642 | | 32.1th | 4.3 | | The Jenkins HashiCorp Vault Plugin vulnerability allows attackers with Item/Configure permission to |
| 8660 | CVE-2025-12995 | | 32.1th | 8.1 | | Medtronic CareLink Network has an API endpoint vulnerable to unauthenticated brute force attacks, al |
| 8661 | CVE-2026-23954 | | 32.1th | 8.7 | | This vulnerability in Incus allows users with container launch privileges to exploit directory trave |
| 8662 | CVE-2026-0841 | | 32th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on UTT 进取 520W routers runn |
| 8663 | CVE-2026-0840 | | 32th | 8.8 | | This is a remote buffer overflow vulnerability in the UTT 进取 520W router firmware version 1.7.7- |
| 8664 | CVE-2026-0838 | | 32th | 8.8 | | This is a remote buffer overflow vulnerability in UTT 进取 520W firmware version 1.7.7-180627 that |
| 8665 | CVE-2026-0837 | | 32th | 8.8 | | A buffer overflow vulnerability in the UTT 进取 520W router firmware version 1.7.7-180627 allows r |
| 8666 | CVE-2025-14835 | | 32.1th | 7.1 | | The WP Photo Album Plus WordPress plugin contains a reflected cross-site scripting vulnerability in |
| 8667 | CVE-2025-61781 | | 32.1th | 7.1 | | This vulnerability allows attackers to delete other users' workspaces in OpenCTI by exploiting an au |
| 8668 | CVE-2025-0754 | | 31.9th | 4.3 | | This vulnerability in OpenShift Service Mesh allows attackers to inject malicious payloads into HTTP |
| 8669 | CVE-2024-35111 | | 32th | 4.3 | | IBM Control Center versions 6.2.1 and 6.3.1 expose detailed technical error messages to remote attac |
| 8670 | CVE-2024-34579 | | 31.9th | 7.8 | | This vulnerability in Fuji Electric Alpha5 SMART allows attackers to execute arbitrary code through |
| 8671 | CVE-2025-26871 | | 31.9th | 4.3 | | This CVE describes a Missing Authorization vulnerability in WPDeveloper's Essential Blocks for Guten |
| 8672 | CVE-2025-1117 | | 31.9th | 7.3 | | This critical SQL injection vulnerability in CoinRemitter OpenCart plugin allows remote attackers to |
| 8673 | CVE-2025-2680 | | 32th | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Bank Locker Management System 1.0 allows att |
| 8674 | CVE-2025-2679 | | 32th | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Bank Locker Management System 1.0 allows rem |
| 8675 | CVE-2025-2676 | | 32th | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Bank Locker Management System 1.0 allows rem |
| 8676 | CVE-2024-9216 | | 31.9th | 8.1 | | This authentication bypass vulnerability in ChuanhuChatGPT allows attackers to read and delete other |
| 8677 | CVE-2024-8998 | | 31.9th | 7.5 | | A Regular Expression Denial of Service (ReDoS) vulnerability in lunary-ai/lunary allows attackers to |
| 8678 | CVE-2024-8764 | | 31.9th | 7.5 | | This vulnerability in lunary-ai/lunary allows authenticated users to upload and execute arbitrary re |
| 8679 | CVE-2024-8763 | | 31.9th | 7.5 | | A Regular Expression Denial of Service (ReDoS) vulnerability in lunary-ai/lunary allows attackers to |
| 8680 | CVE-2025-3548 | | 31.9th | 5.3 | | This critical vulnerability in Open Asset Import Library (Assimp) allows heap-based buffer overflow |
| 8681 | CVE-2025-4735 | | 31.9th | 6.3 | | CVE-2025-4735 is a critical unrestricted file upload vulnerability in Campcodes Sales and Inventory |
| 8682 | CVE-2024-6107 | | 32th | 9.6 | | This authentication bypass vulnerability in MAAS allows attackers to execute unauthorized RPC comman |
| 8683 | CVE-2025-29156 | | 31.9th | 6.1 | | A cross-site scripting (XSS) vulnerability in petstore v1.0.7 allows remote attackers to inject mali |
| 8684 | CVE-2025-55238 | | 31.9th | 7.5 | | This vulnerability in Dynamics 365 FastTrack Implementation Assets allows unauthorized access to sen |
| 8685 | CVE-2025-9273 | | 32th | 4.3 | | CVE-2025-9273 is an information disclosure vulnerability in CData API Server's MySQL connector that |
| 8686 | CVE-2025-10750 | | 31.9th | 5.3 | | The PowerBI Embed Reports WordPress plugin up to version 1.2.0 contains an unauthenticated informati |
| 8687 | CVE-2025-34515 | | 32th | 9.8 | | CVE-2025-34515 is a privilege escalation vulnerability in Ilevia EVE X1 Server firmware where the sy |
| 8688 | CVE-2025-61733 | | 32th | 7.5 | | This CVE describes an authentication bypass vulnerability in Apache Kylin that allows attackers to a |
| 8689 | CVE-2025-15114 | | 31.9th | 9.8 | | This critical vulnerability in Ksenia Security Lares 4.0 Home Automation version 1.6 exposes the ala |
| 8690 | CVE-2025-15097 | | 32th | 7.3 | | This vulnerability in Alteryx Server allows attackers to bypass authentication via manipulation of t |
| 8691 | CVE-2025-68268 | | 32th | 5.4 | | This vulnerability allows attackers to inject malicious scripts into the JetBrains TeamCity storage |
| 8692 | CVE-2025-68166 | | 32th | 5.4 | | This DOM-based cross-site scripting (XSS) vulnerability in JetBrains TeamCity allows attackers to in |
| 8693 | CVE-2025-68165 | | 32th | 5.4 | | JetBrains TeamCity versions before 2025.11 contain a reflected cross-site scripting (XSS) vulnerabil |
| 8694 | CVE-2025-66590 | | 31.9th | 9.8 | | This critical vulnerability in AzeoTech DAQFactory allows attackers to write data beyond allocated m |
| 8695 | CVE-2025-66588 | | 31.9th | 9.8 | | An uninitialized pointer vulnerability in AzeoTech DAQFactory allows attackers to execute arbitrary |
| 8696 | CVE-2025-41732 | | 31.9th | 9.8 | | This critical vulnerability allows unauthenticated remote attackers to exploit unsafe sscanf calls i |
| 8697 | CVE-2025-41730 | | 31.9th | 9.8 | | An unauthenticated remote attacker can exploit unsafe sscanf calls in the check_account() function t |
| 8698 | CVE-2025-27935 | | 31.9th | N/A | | This vulnerability allows attackers to bypass multi-factor authentication in PingFederate OTP Integr |
| 8699 | CVE-2026-24835 | | 31.9th | 7.1 | | A critical authentication bypass vulnerability in Podman Desktop allows any installed extension to c |
| 8700 | CVE-2026-20080 | | 31.9th | 5.3 | | This vulnerability in Cisco IEC6400 Wireless Backhaul Edge Compute Software allows unauthenticated r |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it ideal for prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.