Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated likelihood of exploitation in the wild within the next 30 days; the percentile column places each CVE among all CVEs that currently have an EPSS score. This page of the listing shows ranks 9351 to 9400, all of which sit at an EPSS of 0.11% (roughly the 30th percentile).

Summary statistics for the full data set:

  EPSS > 50%:        164
  CISA KEV listed:   156
  CVEs with EPSS:    35,468
  Average EPSS:      0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 9351 | CVE-2025-55241 | 0.11% | 30.1 | 10.0 | | This critical vulnerability in Microsoft Entra ID (formerly Azure Active Directory) allows attackers to |
| 9352 | CVE-2025-60023 | 0.11% | 30.2 | 4.0 | | A relative path traversal vulnerability in Productivity Suite software version 4.4.1.19 allows unaut |
| 9353 | CVE-2025-60830 | 0.11% | 30.2 | 6.5 | | Redragon ERP v1.0 contains a Shiro deserialization vulnerability due to the use of default Shiro cry |
| 9354 | CVE-2025-60828 | 0.11% | 30.2 | 6.5 | | WukongCRM 9.0-JAVA contains a fastjson deserialization vulnerability in the /OaExamine/setOaExamine |
| 9355 | CVE-2025-59150 | 0.11% | 30.1 | 7.5 | | A NULL pointer dereference vulnerability in Suricata's TLS subject alternative name parsing causes s |
| 9356 | CVE-2025-60739 | 0.11% | 30.2 | 9.6 | | A Cross-Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server firmware allows remote att |
| 9357 | CVE-2025-12973 | 0.11% | 30.2 | 7.2 | | This vulnerability allows authenticated attackers with Editor-level WordPress access to upload arbit |
| 9358 | CVE-2025-42894 | 0.11% | 30.2 | 6.8 | | This CVE describes a Path Traversal vulnerability in SAP Business Connector that allows authenticate |
| 9359 | CVE-2025-7663 | 0.11% | 30.2 | 6.5 | | The Ovatheme Events Manager WordPress plugin has a missing capability check vulnerability that allow |
| 9360 | CVE-2025-43464 | 0.11% | 30.2 | 6.5 | | This CVE describes a denial-of-service vulnerability in macOS where visiting a malicious website cou |
| 9361 | CVE-2025-13875 | 0.11% | 30.2 | 6.3 | | This vulnerability allows remote attackers to perform path traversal attacks in Yohann0617 oci-helpe |
| 9362 | CVE-2026-24410 | 0.11% | 30.2 | 7.1 | | CVE-2026-24410 is a vulnerability in iccDEV's ICC color management profile libraries where improper |
| 9363 | CVE-2026-24409 | 0.11% | 30.2 | 7.1 | | This vulnerability in iccDEV allows attackers to exploit undefined behavior and null pointer derefer |
| 9364 | CVE-2026-24404 | 0.11% | 30.2 | 7.1 | | A null pointer dereference vulnerability in iccDEV's CIccXmlArrayType() function allows attackers to |
| 9365 | CVE-2026-23884 | 0.11% | 30.2 | 9.8 | | CVE-2026-23884 is a use-after-free vulnerability in FreeRDP clients where offscreen bitmap deletion |
| 9366 | CVE-2026-23883 | 0.11% | 30.2 | 9.8 | | This is a use-after-free vulnerability in FreeRDP's X11 client graphics handling that allows a malic |
| 9367 | CVE-2025-14829 | 0.11% | 30.2 | 9.1 | | The E-xact Hosted Payment WordPress plugin through version 2.0 contains an arbitrary file deletion v |
| 9368 | CVE-2026-21688 | 0.11% | 30.1 | 8.8 | | A type confusion vulnerability in iccDEV's SIccCalcOp::ArgsPushed() function allows attackers to pot |
| 9369 | CVE-2025-60534 | 0.11% | 30.2 | 9.8 | | Blue Access Cobalt v02.000.195 has an authentication bypass vulnerability that allows attackers to p |
| 9370 | CVE-2024-31088 | 0.11% | 30.1 | 6.5 | | This DOM-based XSS vulnerability in the AdsPlace'r WordPress plugin allows attackers to inject malic |
| 9371 | CVE-2026-21450 | 0.11% | 30.2 | 9.8 | | Bagisto eCommerce platforms running versions before 2.3.10 are vulnerable to server-side template in |
| 9372 | CVE-2025-41717 | 0.11% | 30.2 | 8.8 | | An unauthenticated remote attacker can trick a high-privileged user into uploading malicious configu |
| 9373 | CVE-2025-21568 | 0.11% | 30.1 | 4.5 | | This vulnerability in Oracle Hyperion Data Relationship Management allows high-privileged attackers |
| 9374 | CVE-2025-23080 | 0.11% | 30.1 | 5.3 | | This CVE describes a cross-site scripting (XSS) vulnerability in the MediaWiki OpenBadges extension. |
| 9375 | CVE-2024-42169 | 0.11% | 30.0 | 7.1 | | This vulnerability in HCL MyXalytics allows attackers to access unauthorized data due to missing acc |
| 9376 | CVE-2025-23078 | 0.11% | 30.1 | 6.5 | | This CVE describes a Cross-Site Scripting (XSS) vulnerability in the Mediawiki Breadcrumbs2 extensio |
| 9377 | CVE-2025-23225 | 0.11% | 30.0 | 6.5 | | This vulnerability in IBM MQ allows authenticated users to send specially crafted messages with inva |
| 9378 | CVE-2025-1488 | 0.11% | 30.0 | 4.7 | | The WPO365 Microsoft 365 Graph Mailer WordPress plugin has an open redirect vulnerability in all ver |
| 9379 | CVE-2024-13369 | 0.11% | 30.1 | 6.5 | | This vulnerability allows authenticated attackers with Subscriber-level access or higher to perform |
| 9380 | CVE-2024-13601 | 0.11% | 30.1 | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex |
| 9381 | CVE-2024-55212 | 0.11% | 30.0 | 6.5 | | DNNGo xBlog v6.5.0 contains a SQL injection vulnerability in the Categorys parameter at /DNNGo_xBlog |
| 9382 | CVE-2022-31764 | 0.11% | 30.0 | 8.5 | | This vulnerability allows authenticated attackers to execute arbitrary code on Apache ShardingSphere |
| 9383 | CVE-2025-24255 | 0.11% | 30.0 | 8.4 | | This macOS vulnerability allows applications to escape their sandbox restrictions due to improper in |
| 9384 | CVE-2025-27406 | 0.11% | 30.1 | 7.6 | | This vulnerability in Icinga Reporting allows attackers to embed arbitrary JavaScript in report temp |
| 9385 | CVE-2025-2738 | 0.11% | 30.0 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Old Age Home Management System 1.0 allows re |
| 9386 | CVE-2025-2737 | 0.11% | 30.0 | 7.3 | | This critical SQL injection vulnerability in PHPGurukul Old Age Home Management System 1.0 allows re |
| 9387 | CVE-2025-29778 | 0.11% | 30.1 | 5.8 | | Kyverno versions before 1.14.0-alpha.1 ignore subjectRegExp and issuerRegExp validations when verify |
| 9388 | CVE-2025-1408 | 0.11% | 30.1 | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ap |
| 9389 | CVE-2024-12114 | 0.11% | 30.1 | 4.3 | | This vulnerability in the FooGallery WordPress plugin allows authenticated attackers with gallery cr |
| 9390 | CVE-2025-1859 | 0.11% | 30.0 | 7.3 | | A critical SQL injection vulnerability exists in PHPGurukul News Portal 4.1's login.php file, allowi |
| 9391 | CVE-2023-35817 | 0.11% | 30.0 | 5.0 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in DevExpress AsyncDownloader |
| 9392 | CVE-2025-46264 | 0.11% | 30.1 | 9.9 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se |
| 9393 | CVE-2025-22081 | 0.11% | 30.0 | 5.5 | | This CVE describes an integer overflow vulnerability in the NTFS3 filesystem driver in the Linux ker |
| 9394 | CVE-2025-22062 | 0.11% | 30.0 | 5.5 | | A race condition vulnerability in the Linux kernel's SCTP protocol implementation allows concurrent |
| 9395 | CVE-2025-31721 | 0.11% | 30.0 | 4.3 | | This vulnerability allows attackers with Computer/Create permission in Jenkins to copy agent configu |
| 9396 | CVE-2025-30476 | 0.11% | 30.0 | 5.3 | | Dell PowerScale InsightIQ version 5.2 has an uncontrolled resource consumption vulnerability that al |
| 9397 | CVE-2025-30314 | 0.11% | 30.1 | 6.1 | | Adobe Connect versions 12.8 and earlier contain a stored Cross-Site Scripting vulnerability where at |
| 9398 | CVE-2025-52827 | 0.11% | 30.1 | 8.8 | | A deserialization vulnerability in the uxper Nuss WordPress theme allows attackers to inject malicio |
| 9399 | CVE-2025-45851 | 0.11% | 30.0 | 7.5 | | This vulnerability allows unauthenticated attackers to cause a Denial of Service (DoS) on Hikvision |
| 9400 | CVE-2025-40596 | 0.11% | 30.1 | 7.3 | | A stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauth |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity (how bad exploitation would be), EPSS measures likelihood (how probable exploitation is), which makes it the better signal for deciding which vulnerabilities to patch first. Scores are recomputed daily, so a CVE's EPSS should be re-read rather than cached indefinitely.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous, and the average EPSS across all scored CVEs is under 1%. EPSS lets security teams focus on the small set of CVEs that are actually likely to be exploited, rather than patching in CVSS order alone. A CVSS 9.8 vulnerability with a 0.1% EPSS is usually less urgent than a CVSS 7.5 vulnerability with a 90% EPSS, and a CVE already on the CISA KEV list outranks both, since KEV records observed exploitation rather than a prediction.
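The prioritization rule above, worked through in code. This is an added example, not code from the page or from FIRST.org. It parses JSON in the shape the public FIRST EPSS API returns (GET https://api.first.org/data/v1/epss?cve=CVE-A,CVE-B, which serialises `epss` and `percentile` as decimal strings) and ranks KEV-listed CVEs first, then by EPSS, with CVSS only as a tie-breaker. The embedded response is a constructed sample: the two CVE-2025/2026 entries mirror rows from the table above, the CVE-2099-* identifiers are placeholders, and every CVSS score and KEV flag here is illustrative rather than looked up. `fetch_epss` is the only function that touches the network and the sample run does not call it.

```python
"""Rank CVEs by confirmed exploitation (CISA KEV), then exploit likelihood
(EPSS), then severity (CVSS).  Added example; not FIRST.org's code."""
import json
import urllib.request
from dataclasses import dataclass

EPSS_API = "https://api.first.org/data/v1/epss"

# Constructed sample in the EPSS API response shape.  The API returns epss
# and percentile as decimal strings, so they are converted on parse.
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "total": 4,
    "data": [
        {"cve": "CVE-2025-55241", "epss": "0.001100000", "percentile": "0.30100000", "date": "2026-02-01"},
        {"cve": "CVE-2026-23884", "epss": "0.001100000", "percentile": "0.30200000", "date": "2026-02-01"},
        {"cve": "CVE-2099-0001", "epss": "0.912000000", "percentile": "0.99900000", "date": "2026-02-01"},
        {"cve": "CVE-2099-0002", "epss": "0.003000000", "percentile": "0.55000000", "date": "2026-02-01"},
    ],
})

# Hypothetical CVSS scores and KEV membership (in practice: your scanner and
# CISA's KEV catalogue).  CVE-2099-0003 deliberately has no EPSS row, to
# exercise the unscored case.
SAMPLE_CVSS = {
    "CVE-2025-55241": 10.0, "CVE-2026-23884": 9.8,
    "CVE-2099-0001": 7.5, "CVE-2099-0002": 5.3, "CVE-2099-0003": 9.0,
}
SAMPLE_KEV = {"CVE-2099-0002"}


@dataclass
class Finding:
    cve: str
    epss: float        # P(exploitation within 30 days), 0.0 to 1.0
    percentile: float  # fraction of scored CVEs with an EPSS at or below this
    cvss: float        # CVSS base score
    kev: bool          # listed in CISA Known Exploited Vulnerabilities


def fetch_epss(cves):
    """Live lookup against FIRST's API (network; not used by the sample run)."""
    url = f"{EPSS_API}?cve={','.join(cves)}"
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read().decode("utf-8")


def parse_epss_response(body):
    """Return {cve: (epss, percentile)}; raise on a non-OK API status."""
    doc = json.loads(body)
    if doc.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {doc.get('status')!r}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in doc["data"]}


def build_findings(epss_body, cvss_by_cve, kev_set):
    """Merge EPSS, CVSS and KEV.  CVEs with no EPSS row are returned
    separately so they are never silently treated as low risk."""
    scores = parse_epss_response(epss_body)
    findings, unscored = [], []
    for cve, cvss in cvss_by_cve.items():
        if cve not in scores:
            unscored.append(cve)
            continue
        epss, pct = scores[cve]
        findings.append(Finding(cve, epss, pct, cvss, cve in kev_set))
    return findings, unscored


def priority_key(f):
    # KEV first: observed exploitation outranks any prediction.  Then EPSS
    # (likelihood); CVSS (severity) only breaks ties.
    return (not f.kev, -f.epss, -f.cvss)


def rank(findings):
    return sorted(findings, key=priority_key)


def summarize(findings):
    """The headline numbers the page shows above its table."""
    n = len(findings)
    return {
        "epss_over_50": sum(1 for f in findings if f.epss > 0.5),
        "kev_listed": sum(1 for f in findings if f.kev),
        "avg_epss": round(sum(f.epss for f in findings) / n, 4) if n else 0.0,
    }


if __name__ == "__main__":
    found, unscored = build_findings(SAMPLE_EPSS_RESPONSE, SAMPLE_CVSS, SAMPLE_KEV)
    for i, f in enumerate(rank(found), 1):
        print(f"{i:2d} {f.cve:15s} EPSS {f.epss:6.2%}  pct {f.percentile * 100:5.1f}"
              f"  CVSS {f.cvss:4.1f} {'KEV' if f.kev else ''}")
    print("unscored (check manually):", unscored)
    print(summarize(found))
```

On the sample data the KEV entry with CVSS 5.3 lands at rank 1, the 91% EPSS CVE at rank 2, and the two CVSS 10.0/9.8 entries from the table, with an EPSS of 0.11%, at the bottom, ordered between themselves by CVSS. Note the difference between the two EPSS columns: 0.0011 is the probability, 0.301 is the percentile, and sorting on the wrong one gives the same order here only because they happen to be monotonic in each other.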

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
