Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CISA KEV listed
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank  CVE ID          EPSS   Percentile  CVSS  Summary
851   CVE-2025-1750   0.52%  66.2        9.8   An SQL injection vulnerability in DuckDBVectorStore's delete function allows attackers to manipulate…
852   CVE-2026-22237  0.52%  66.1        9.8   This vulnerability exposes sensitive internal API documentation in BLUVOYIX, allowing unauthenticate…
853   CVE-2025-2395   0.51%  66          9.8   U-Office Force from e-Excellence has an improper authentication vulnerability that allows unauthenti…
854   CVE-2025-58762  0.51%  66          9.1   This vulnerability allows attackers with administrative access to Tautulli to write arbitrary Python…
855   CVE-2025-20358  0.51%  66          9.4   This vulnerability allows unauthenticated remote attackers to bypass authentication in Cisco Unified…
856   CVE-2023-40714  0.51%  65.9        9.9   This vulnerability allows attackers to perform relative path traversal in Fortinet FortiSIEM, enabli…
857   CVE-2025-54857  0.51%  65.9        9.8   This vulnerability allows remote unauthenticated attackers to execute arbitrary operating system com…
858   CVE-2025-29902  0.51%  65.8        10.0  This critical vulnerability allows remote attackers to execute arbitrary code on affected Bosch syst…
859   CVE-2025-21556  0.51%  65.7        9.9   This critical vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low pr…
860   CVE-2025-27531  0.51%  65.7        9.8   This vulnerability allows authenticated attackers to read arbitrary files on Apache InLong servers t…
861   CVE-2023-53740  0.51%  65.7        9.8   CVE-2023-53740 is an authentication bypass vulnerability in Screen SFT DAB 1.9.3 that allows attacke…
862   CVE-2025-29269  0.51%  65.7        9.8   This vulnerability allows remote attackers to execute arbitrary operating system commands on ALLNET…
863   CVE-2025-7340   0.5%   65.6        9.8   This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress sites usi…
864   CVE-2025-11539  0.5%   65.5        9.9   Grafana Image Renderer versions 1.0.0 through 4.0.16 contain an arbitrary file write vulnerability i…
865   CVE-2025-24154  0.5%   65.4        9.1   This CVE describes an out-of-bounds write vulnerability in Apple operating systems that could allow…
866   CVE-2025-49796  0.5%   65.5        9.1   A memory corruption vulnerability in libxml2 allows attackers to craft malicious XML files containin…
867   CVE-2025-66208  0.5%   65.4        9.8   CVE-2025-66208 is a critical OS command injection vulnerability in Collabora Online's built-in CODE…
868   CVE-2025-55423  0.5%   65.4        9.8   A critical command injection vulnerability in ipTIME routers allows attackers to execute arbitrary o…
869   CVE-2025-30356  0.5%   65.3        9.8   A heap buffer overflow vulnerability in CryptoLib's SDLS-EP implementation allows attackers to craft…
870   CVE-2025-5393   0.5%   65.3        9.1   This vulnerability allows unauthenticated attackers to delete arbitrary files on WordPress servers r…
871   CVE-2024-11350  0.5%   65.2        9.8   The AdForest WordPress theme contains a critical authentication bypass vulnerability that allows una…
872   CVE-2025-70457  0.5%   65.3        9.8   This vulnerability allows unauthenticated attackers to upload malicious PHP files disguised as image…
873   CVE-2024-55414  0.5%   65.2        9.8   A vulnerability in Motorola SM56 Modem WDM Driver allows low-privileged users to map physical memory…
874   CVE-2025-5622   0.49%  65.2        9.8   This critical vulnerability in D-Link DIR-816 routers allows remote attackers to execute arbitrary c…
875   CVE-2025-5396   0.49%  65.1        9.8   The Bears Backup plugin for WordPress has a critical Remote Code Execution vulnerability that allows…
876   CVE-2025-25467  0.49%  65.1        9.8   This critical memory management vulnerability in libx264 allows attackers to execute arbitrary code…
877   CVE-2025-30390  0.49%  65.1        9.9   This critical Azure vulnerability allows authenticated attackers to escalate privileges within cloud…
878   CVE-2026-24897  0.49%  65          10.0  CVE-2026-24897 is a critical path traversal vulnerability in Erugo file-sharing platform that allows…
879   CVE-2025-50739  0.49%  64.8        9.8   CVE-2025-50739 is a critical remote code execution vulnerability in iib0011 omni-tools v0.4.0 caused…
880   CVE-2024-57590  0.48%  64.7        9.8   TRENDnet TEW-632BRP routers have a critical OS command injection vulnerability in the ntp_sync.cgi i…
881   CVE-2025-26612  0.48%  64.7        9.8   CVE-2025-26612 is a critical SQL injection vulnerability in WeGIA's adicionar_almoxarife.php endpoin…
882   CVE-2025-31194  0.48%  64.7        9.8   This vulnerability allows macOS shortcuts to execute with administrative privileges without proper a…
883   CVE-2025-44823  0.48%  64.7        9.9   Nagios Log Server before version 2024R1.3.2 allows authenticated users to retrieve cleartext adminis…
884   CVE-2024-11951  0.48%  64.6        9.8   The Homey Login Register WordPress plugin allows unauthenticated attackers to create accounts with a…
885   CVE-2025-1671   0.48%  64.6        9.8   The Academist Membership WordPress plugin has an authentication bypass vulnerability that allows una…
886   CVE-2025-1564   0.48%  64.6        9.8   The SetSail Membership plugin for WordPress has an authentication bypass vulnerability in social log…
887   CVE-2025-30016  0.48%  64.6        9.8   CVE-2025-30016 is an authentication bypass vulnerability in SAP Financial Consolidation that allows…
888   CVE-2024-6809   0.48%  64.6        9.8   CVE-2024-6809 is a critical SQL injection vulnerability in the Simple Video Directory WordPress plug…
889   CVE-2025-27690  0.48%  64.5        9.8   Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.0 contain a default password vulnerability tha…
890   CVE-2025-44084  0.48%  64.5        9.8   This CVE describes a command injection vulnerability in D-link DI-8100 firmware that allows remote a…
891   CVE-2024-54092  0.48%  64.5        9.8   This vulnerability allows unauthenticated remote attackers to bypass authentication on specific API…
892   CVE-2025-9605   0.48%  64.5        9.8   A stack-based buffer overflow vulnerability in Tenda AC21 and AC23 routers allows remote attackers t…
893   CVE-2024-39774  0.48%  64.4        9.1   This vulnerability allows authenticated attackers to execute arbitrary code on Wavlink AC3000 router…
894   CVE-2024-39358  0.48%  64.4        9.1   A buffer overflow vulnerability in the Wavlink AC3000 router's adm.cgi set_wzap() function allows au…
895   CVE-2024-39299  0.48%  64.4        9.1   This vulnerability allows authenticated attackers to execute arbitrary code on Wavlink AC3000 router…
896   CVE-2024-37184  0.48%  64.4        9.1   A buffer overflow vulnerability in the Wavlink AC3000 router's adm.cgi component allows authenticate…
897   CVE-2024-36272  0.48%  64.4        9.1   This vulnerability allows authenticated attackers to execute arbitrary code on Wavlink AC3000 router…
898   CVE-2025-64717  0.48%  64.4        9.8   This vulnerability in ZITADEL identity management platform allows unauthenticated attackers to bypas…
899   CVE-2025-4981   0.48%  64.2        9.9   This vulnerability allows authenticated Mattermost users to write files to arbitrary locations on th…
900   CVE-2025-32799  0.47%  64.2        9.8   CVE-2025-32799 is a path traversal vulnerability in conda-build that allows attackers to write files…

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. The score is a probability between 0 and 1 (shown above as a percentage); the percentile column ranks that probability against every other scored CVE, so a 66th-percentile entry scores higher than about two thirds of all CVEs with an EPSS value. Unlike CVSS, which measures the severity of a vulnerability if it is exploited, EPSS measures the likelihood that it will be exploited, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. A CISA KEV listing is evidence of observed exploitation rather than a prediction, so KEV entries should be treated as top priority regardless of their EPSS score. EPSS also knows nothing about your environment: whether the affected system is reachable, what it protects, and whether mitigations are in place still have to come from your own asset inventory.
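The prioritisation rule described above, written out as an added example (this is not code from the page's author or from FIRST.org). It sorts a list of CVEs KEV-first, then by EPSS, with CVSS only as a tiebreaker, buckets each one for a patch queue, and parses the JSON shape returned by FIRST's public EPSS API. The two real CVE rows reuse EPSS and CVSS values from the table above; the two `example-*` entries are hypothetical placeholders that reproduce the page's own 7.5-at-90% versus 9.8-at-0.1% illustration, and because the page does not mark which rows are KEV listed, every `kev` flag is a constructed assumption. The `prob_any_exploited` helper assumes the per-CVE probabilities are independent, which is an approximation.

```python
"""Prioritise CVEs by exploit likelihood (EPSS) instead of by CVSS alone.

Added example, not code from this page's author or from FIRST.org. The two
real CVE rows reuse EPSS/CVSS values from the table above; the 'example-*'
entries are hypothetical placeholders for the page's own illustration
(CVSS 7.5 at 90% EPSS versus CVSS 9.8 at 0.1%). Which rows are CISA KEV
listed is not shown on the page, so every 'kev' flag is a constructed
assumption.
"""
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Vuln:
    cve: str
    cvss: float
    epss: float          # probability in [0, 1] of exploitation within 30 days
    kev: bool = False    # on the CISA Known Exploited Vulnerabilities list


def parse_epss_response(body: str) -> dict[str, float]:
    """Turn a FIRST EPSS API JSON body into {cve: epss_probability}.

    The API encodes 'epss' and 'percentile' as decimal strings, so they are
    converted to float here; 0.0052 is the 0.52% shown in the table above.
    """
    doc = json.loads(body)
    return {row["cve"]: float(row["epss"]) for row in doc["data"]}


def priority_key(v: Vuln) -> tuple:
    """Sort key: KEV-listed first, then highest EPSS, then highest CVSS.

    KEV is observed exploitation and outranks any prediction; CVSS is only a
    tiebreaker because it measures impact, not likelihood.
    """
    return (not v.kev, -v.epss, -v.cvss)


def prioritize(vulns: list[Vuln]) -> list[Vuln]:
    """Return the vulnerabilities in patch order, most urgent first."""
    return sorted(vulns, key=priority_key)


def triage_bucket(v: Vuln, epss_threshold: float = 0.5) -> str:
    """Coarse bucket for a ticket queue. The 50% default mirrors the
    'EPSS > 50%' counter on this page; tune it to your own SLA."""
    if v.kev:
        return "patch-now"
    if v.epss >= epss_threshold:
        return "this-cycle"
    return "backlog"


def prob_any_exploited(vulns: list[Vuln]) -> float:
    """P(at least one CVE in the set is exploited in 30 days) = 1 - prod(1 - p_i).

    Treats the per-CVE probabilities as independent; that is an approximation,
    since one campaign often targets several CVEs in the same product.
    """
    p_none = 1.0
    for v in vulns:
        p_none *= 1.0 - v.epss
    return 1.0 - p_none


# Constructed response in the shape of FIRST's public EPSS API. The epss and
# percentile values are taken from the table above; 'date' is a placeholder.
SAMPLE_API_BODY = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-1750", "epss": "0.005200000",
         "percentile": "0.662000000", "date": "2025-01-01"},
        {"cve": "CVE-2025-20358", "epss": "0.005100000",
         "percentile": "0.660000000", "date": "2025-01-01"},
    ],
})

SAMPLE = [
    Vuln("CVE-2025-1750", cvss=9.8, epss=0.0052),
    Vuln("CVE-2025-20358", cvss=9.4, epss=0.0051),
    Vuln("example-high-7.5", cvss=7.5, epss=0.90, kev=True),  # hypothetical; kev assumed
    Vuln("example-critical-9.8", cvss=9.8, epss=0.001),       # hypothetical
]

if __name__ == "__main__":
    for v in prioritize(SAMPLE):
        print(f"{v.cve:<22} cvss={v.cvss:<4} epss={v.epss:>6.1%} "
              f"kev={str(v.kev):<5} -> {triage_bucket(v)}")
    print(f"P(any exploited in 30d) = {prob_any_exploited(SAMPLE):.1%}")
```

Run as a script it prints the queue with the hypothetical KEV entry first, then the two real rows by EPSS, and the hypothetical CVSS 9.8 at 0.1% last, which is the ordering the paragraph above argues for. To use live data, fetch `https://api.first.org/data/v1/epss?cve=<comma-separated list>` and pass the response body to `parse_epss_response`.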

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
