Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Flags	Summary
851	CVE-2026-1802	2.14%	83.9th	7.3		This CVE describes a command injection vulnerability in the Ziroom ZHOME A0101 router firmware versi
852	CVE-2025-0328	2.14%	83.8th	7.3		This critical vulnerability allows remote attackers to execute arbitrary commands on KaiYuanTong ECT
853	CVE-2025-1546	2.14%	83.8th	7.3		This critical vulnerability allows remote attackers to execute arbitrary operating system commands o
854	CVE-2025-2332	2.12%	83.8th	9.8		This CVE describes a PHP object injection vulnerability in the Export All Posts, Products, Orders, R
855	CVE-2024-57686	2.12%	83.8th	9.8		A reflected Cross-Site Scripting (XSS) vulnerability in PHPGurukul Land Record System v1.0 allows re
856	CVE-2025-3259	2.11%	83.8th	8.8		A critical stack-based buffer overflow vulnerability in Tenda RX3 routers allows remote attackers to
857	CVE-2024-13630	2.11%	83.8th	6.1		The NewsTicker WordPress plugin through version 1.0 contains a reflected cross-site scripting (XSS)
858	CVE-2024-40071	2.1%	83.7th	9.8		This vulnerability allows attackers to upload arbitrary PHP files to Sourcecodester Online ID Genera
859	CVE-2025-24076	2.1%	83.7th	7.3		This vulnerability in Windows Cross Device Service allows an authenticated attacker to escalate priv
860	CVE-2025-11488	2.1%	83.7th	7.3		This CVE describes a command injection vulnerability in D-Link DIR-852 routers that allows remote at
861	CVE-2025-29064	2.1%	83.7th	9.8		This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLIN
862	CVE-2025-4094	2.09%	83.7th	9.8		The DIGITS WordPress plugin before version 8.4.6.1 lacks rate limiting on OTP validation attempts, a
863	CVE-2021-4455	2.09%	83.7th	9.8		The Smart Product Review WordPress plugin allows unauthenticated attackers to upload arbitrary files
864	CVE-2025-1093	2.09%	83.7th	9.8		The AIHub WordPress theme allows unauthenticated attackers to upload arbitrary files due to missing
865	CVE-2025-0376	2.08%	83.7th	8.7		A cross-site scripting (XSS) vulnerability in GitLab CE/EE allows attackers to inject malicious scri
866	CVE-2024-42936	2.07%	83.6th	9.8		This vulnerability allows remote attackers to execute arbitrary code on Ruijie RG-EW300N wireless ac
867	CVE-2026-21533	2.07%	83.6th	7.8	KEV	This vulnerability allows an authorized attacker with valid Remote Desktop credentials to elevate pr
868	CVE-2025-50428	2.07%	83.6th	9.8		This CVE describes a command injection vulnerability in RaspAP raspap-webgui that allows attackers t
869	CVE-2025-26672	2.07%	83.6th	6.5		A buffer over-read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthor
870	CVE-2025-26664	2.07%	83.6th	6.5		A buffer over-read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthor
871	CVE-2024-39800	2.05%	83.5th	9.1		This vulnerability allows authenticated attackers to execute arbitrary commands on Wavlink AC3000 ro
872	CVE-2024-39798	2.05%	83.5th	9.1		This vulnerability allows authenticated attackers to execute arbitrary commands on Wavlink AC3000 ro
873	CVE-2020-37041	2.05%	83.5th	7.5		CVE-2020-37041 is a directory traversal vulnerability in OpenCTI 3.3.1 that allows unauthenticated a
874	CVE-2024-56518	2.05%	83.5th	9.8		CVE-2024-56518 allows remote attackers to execute arbitrary code on Hazelcast Management Center serv
875	CVE-2025-63353	2.05%	83.5th	9.8		This vulnerability allows attackers to predict the default Wi-Fi password on FiberHome GPON ONU HG61
876	CVE-2024-46089	2.04%	83.5th	6.3		CVE-2024-46089 is a remote code execution vulnerability in 74cms background interface apiadmin that
877	CVE-2025-26647	2.04%	83.5th	8.8		This vulnerability allows an authorized attacker to exploit improper input validation in Windows Ker
878	CVE-2025-5961	2.04%	83.5th	7.2		The WPvivid Backup & Migration WordPress plugin allows authenticated administrators to upload arbitr
879	CVE-2023-38036	2.03%	83.5th	9.8		This is a critical buffer overflow vulnerability in Ivanti Avalanche Manager that allows unauthentic
880	CVE-2025-50460	2.03%	83.5th	9.8		This CVE describes a remote code execution vulnerability in ms-swift version 3.3.0 due to unsafe YAM
881	CVE-2024-13487	2.02%	83.4th	7.3		The CURCY WooCommerce plugin allows unauthenticated attackers to execute arbitrary WordPress shortco
882	CVE-2025-29017	2.02%	83.4th	8.8		A remote code execution vulnerability in Code Astro Internet Banking System 2.0.0 allows attackers t
883	CVE-2025-0111	2.02%	83.4th	6.5	KEV	An authenticated file read vulnerability in Palo Alto Networks PAN-OS software allows authenticated
884	CVE-2025-57642	2.02%	83.4th	7.2		This vulnerability allows attackers to upload malicious PHP shell scripts to Tourism Management Syst
885	CVE-2025-61141	2.01%	83.4th	7.5		CVE-2025-61141 allows remote command injection in sqls-server/sqls version 0.2.28 through the config
886	CVE-2025-60682	2%	83.3th	6.5		This CVE describes a command injection vulnerability in ToToLink A720R router firmware that allows u
887	CVE-2025-53772	1.99%	83.3th	8.8		This vulnerability allows an authorized attacker to execute arbitrary code on systems running vulner
888	CVE-2025-11368	1.99%	83.3th	5.3		This vulnerability in the LearnPress WordPress LMS plugin allows unauthenticated attackers to access
889	CVE-2025-65856	1.99%	83.3th	9.8		CVE-2025-65856 is an authentication bypass vulnerability in Xiongmai XM530 IP cameras that allows un
890	CVE-2025-0572	1.99%	83.3th	4.3		This vulnerability allows authenticated remote attackers to write arbitrary files to the Sante PACS
891	CVE-2025-21395	1.99%	83.3th	7.8		This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
892	CVE-2025-21366	1.99%	83.3th	7.8		This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
893	CVE-2025-21345	1.99%	83.3th	7.8		This vulnerability in Microsoft Office Visio allows attackers to execute arbitrary code by tricking
894	CVE-2025-21186	1.99%	83.3th	7.8		This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
895	CVE-2025-60335	1.98%	83.3th	7.5		A NULL pointer dereference vulnerability in TOTOLINK N600R routers allows attackers to crash the dev
896	CVE-2025-29662	1.98%	83.3th	9.8		CVE-2025-29662 is a critical remote code execution vulnerability in LandChat 3.25.12.18 that allows
897	CVE-2025-12089	1.98%	83.2th	6.5		The Data Tables Generator by Supsystic WordPress plugin contains a path traversal vulnerability in i
898	CVE-2026-1723	1.98%	83.2th	N/A		This CVE describes an OS command injection vulnerability in TOTOLINK X6000R routers that allows atta
899	CVE-2025-11779	1.97%	83.2th	9.8		A stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 allows remote a
900	CVE-2024-13797	1.97%	83.2th	7.3		This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the

← Previous Page 18 of 710 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free