Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated likelihood of exploitation in the wild within the next 30 days; the Percentile column places each score relative to all CVEs that EPSS scores (a percentile of 64.2 means the CVE scores higher than 64.2% of them).
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 901 | CVE-2025-34328 | | 64.2 | 9.8 | | This critical vulnerability allows unauthenticated remote attackers to upload arbitrary files and ex |
| 902 | CVE-2025-34394 | | 64.2 | 9.8 | | Barracuda Service Center in the RMM solution prior to version 2025.1.1 exposes a .NET Remoting servi |
| 903 | CVE-2025-34393 | | 64.2 | 9.8 | | This vulnerability in Barracuda Service Center allows attackers to execute arbitrary code remotely b |
| 904 | CVE-2025-43844 | | 64.1 | 9.8 | | CVE-2025-43844 is a critical command injection vulnerability in Retrieval-based-Voice-Conversion-Web |
| 905 | CVE-2025-68952 | | 64.1 | 9.8 | | Eigent multi-agent Workforce version 0.0.60 contains a 1-click Remote Code Execution vulnerability t |
| 906 | CVE-2025-47981 | | 64.1 | 9.8 | | A heap-based buffer overflow vulnerability in Windows SPNEGO Extended Negotiation allows unauthentic |
| 907 | CVE-2025-63213 | | 64.1 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary commands with root privileges on QVi |
| 908 | CVE-2023-53968 | | 64.1 | 9.8 | | This authentication bypass vulnerability in Screen SFT DAB 600/C firmware allows attackers to delete |
| 909 | CVE-2023-7334 | | 64.1 | 9.8 | | This CVE describes a critical .NET deserialization vulnerability in Changjetong T+ software that all |
| 910 | CVE-2025-1127 | | 64.0 | 9.1 | | This CVE-2025-1127 vulnerability allows attackers to execute arbitrary code as an unprivileged user |
| 911 | CVE-2025-3844 | | 63.9 | 9.8 | | The PeproDev Ultimate Profile Solutions WordPress plugin has an authentication bypass vulnerability |
| 912 | CVE-2025-70161 | | 63.9 | 9.8 | | EDIMAX BR-6208AC V2 router firmware version 1.02 contains a command injection vulnerability in the p |
| 913 | CVE-2025-59340 | | 63.8 | 9.8 | | CVE-2025-59340 is a critical deserialization vulnerability in jinjava that allows attackers to bypas |
| 914 | CVE-2025-57633 | | 63.8 | 9.8 | | This CVE describes a critical command injection vulnerability in FTP-Flask-python that allows unauth |
| 915 | CVE-2024-12922 | | 63.8 | 9.8 | | The Altair WordPress theme has a critical vulnerability that allows unauthenticated attackers to mod |
| 916 | CVE-2025-45947 | | 63.6 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on systems running phpgurukul O |
| 917 | CVE-2025-0477 | | 63.6 | 9.8 | | A critical encryption vulnerability in Rockwell Automation FactoryTalk AssetCentre allows attackers |
| 918 | CVE-2025-7710 | | 63.6 | 9.8 | | The Brave Conversion Engine (PRO) WordPress plugin has an authentication bypass vulnerability that a |
| 919 | CVE-2024-43243 | | 63.5 | 10.0 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se |
| 920 | CVE-2025-3011 | | 63.5 | 9.8 | | CVE-2025-3011 is a critical SQL injection vulnerability in SOOP-CLM from PiExtract that allows unaut |
| 921 | CVE-2025-27603 | | 63.5 | 9.1 | | This vulnerability in XWiki Confluence Migrator Pro allows unprivileged users without programming ri |
| 922 | CVE-2025-29953 | | 63.4 | 9.8 | | This vulnerability allows malicious Apache ActiveMQ servers to send specially crafted responses to N |
| 923 | CVE-2024-12470 | | 63.3 | 9.8 | | The SakolaWP WordPress plugin allows unauthenticated attackers to register as administrative users d |
| 924 | CVE-2025-25373 | | 63.3 | 9.8 | | The Memory Management Module in NASA cFS Aquila has insecure permissions that allow attackers to gai |
| 925 | CVE-2025-63958 | | 63.3 | 9.8 | | MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes an unauthenticated configuration endpoint that l |
| 926 | CVE-2025-48780 | | 63.3 | 9.8 | | A critical deserialization vulnerability in Soar Cloud HRD Human Resource Management System allows r |
| 927 | CVE-2025-25362 | | 63.3 | 9.8 | | This Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to exe |
| 928 | CVE-2025-58159 | | 63.3 | 9.9 | | CVE-2025-58159 is a critical remote code execution vulnerability in WeGIA web management software fo |
| 929 | CVE-2021-47851 | | 63.3 | 9.8 | | Mini Mouse 9.2.0 contains an unauthenticated remote code execution vulnerability that allows attacke |
| 930 | CVE-2025-24269 | | 63.2 | 9.8 | | This is a critical memory handling vulnerability in macOS that allows an application to cause a syst |
| 931 | CVE-2025-24263 | | 63.2 | 9.8 | | This CVE describes a macOS privacy vulnerability where applications could access unprotected user da |
| 932 | CVE-2025-53825 | | 63.2 | 9.4 | | CVE-2025-53825 is an unauthenticated remote code execution vulnerability in Dokploy's preview deploy |
| 933 | CVE-2025-25211 | | 63.2 | 9.8 | | CVE-2025-25211 is a weak password requirements vulnerability in CHOCO TEI WATCHER mini (IB-MCT001) i |
| 934 | CVE-2025-5630 | | 63.2 | 9.8 | | This critical vulnerability in D-Link DIR-816 routers allows remote attackers to execute arbitrary c |
| 935 | CVE-2025-5624 | | 63.2 | 9.8 | | This critical vulnerability in D-Link DIR-816 routers allows remote attackers to execute arbitrary c |
| 936 | CVE-2025-10432 | | 63.2 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC1206 routers via a s |
| 937 | CVE-2025-9588 | | 63.1 | 10.0 | | This critical OS command injection vulnerability in Iron Mountain Archiving Services EnVision allows |
| 938 | CVE-2025-59741 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS v25.03 that allows unauthentic |
| 939 | CVE-2025-59740 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS transportation management soft |
| 940 | CVE-2025-59739 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS transportation management soft |
| 941 | CVE-2025-59738 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS v25.03 that allows unauthentic |
| 942 | CVE-2025-59737 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS transportation management syst |
| 943 | CVE-2025-59736 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS v25.03 that allows attackers t |
| 944 | CVE-2025-59735 | | 63.1 | 9.8 | | This is a critical command injection vulnerability in AndSoft's e-TMS transportation management syst |
| 945 | CVE-2025-25456 | | 63.1 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC10 routers via a buf |
| 946 | CVE-2025-26617 | | 63.0 | 9.8 | | A SQL injection vulnerability in WeGIA's historico_paciente.php endpoint allows attackers to execute |
| 947 | CVE-2025-26608 | | 63.0 | 9.8 | | A SQL injection vulnerability in WeGIA's dependente_docdependente.php endpoint allows attackers to e |
| 948 | CVE-2025-26606 | | 63.0 | 9.8 | | A SQL injection vulnerability in WeGIA's informacao_adicional.php endpoint allows attackers to execu |
| 949 | CVE-2025-5397 | | 63.0 | 9.8 | | This vulnerability allows unauthenticated attackers to bypass authentication and gain administrative |
| 950 | CVE-2025-10640 | | 63.0 | 9.8 | | CVE-2025-10640 allows unauthenticated attackers to bypass authentication on WorkExaminer Professiona |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
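The prioritization rule above, as an added worked example (not code from this page or from FIRST.org): it parses an EPSS API response into a lookup table, joins it with scanner findings that carry a CVSS score and a KEV flag, and orders them by exploitation likelihood first and severity second. The JSON envelope mirrors the shape of `https://api.first.org/data/v1/epss` (`epss` and `percentile` are decimal strings), but the CVE ids, scores and dates are constructed placeholders, and the tier thresholds (`P1_EPSS`, `P2_EPSS`, `HIGH_CVSS`) are assumptions to tune to your own risk appetite.

```python
import json
from dataclasses import dataclass
from typing import Optional

# Constructed EPSS API response: the envelope matches the real API's shape,
# the CVE ids and values are placeholders made up for this example.
EPSS_RESPONSE = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "access": "public",
    "total": 4, "offset": 0, "limit": 100,
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.001000000", "percentile": "0.410000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.900000000", "percentile": "0.999000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.150000000", "percentile": "0.950000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.020000000", "percentile": "0.880000000", "date": "2025-01-01"},
    ],
})

# Constructed scanner findings: (cve, CVSS base score, listed in CISA KEV?).
FINDINGS = [
    ("CVE-0000-0001", 9.8, False),   # critical severity, near-zero exploit probability
    ("CVE-0000-0002", 7.5, False),   # high severity, 90% exploit probability
    ("CVE-0000-0003", 8.8, False),
    ("CVE-0000-0004", 5.3, True),    # medium severity but exploitation already observed
    ("CVE-0000-0005", 9.1, False),   # no EPSS record yet (e.g. published today)
]

# Assumed thresholds for this example, not values prescribed by FIRST.org.
P1_EPSS = 0.5     # more likely than not to be exploited within 30 days
P2_EPSS = 0.1
HIGH_CVSS = 7.0


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    in_kev: bool
    epss: Optional[float]
    percentile: Optional[float]


def parse_epss(response_text: str) -> dict:
    """Map CVE id -> (epss probability, percentile) from an EPSS API JSON body."""
    body = json.loads(response_text)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API error: {body.get('status')}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in body["data"]}


def priority(f: Finding) -> int:
    """Return a tier (1 = most urgent). KEV wins outright: exploitation is a fact, not a forecast."""
    if f.in_kev:
        return 1
    if f.epss is None:
        # Not scored yet: fall back to severity until the model catches up.
        return 2 if f.cvss >= HIGH_CVSS else 4
    if f.epss >= P1_EPSS:
        return 1
    if f.epss >= P2_EPSS:
        return 2
    if f.cvss >= HIGH_CVSS:
        return 3
    return 4


def prioritize(findings, epss_table) -> list:
    """Enrich findings with EPSS data and sort: tier, then likelihood, then impact."""
    enriched = [Finding(cve, cvss, kev, *(epss_table.get(cve) or (None, None)))
                for cve, cvss, kev in findings]
    return sorted(enriched, key=lambda f: (priority(f), -(f.epss or 0.0), -f.cvss))


if __name__ == "__main__":
    for f in prioritize(FINDINGS, parse_epss(EPSS_RESPONSE)):
        epss = "n/a" if f.epss is None else f"{f.epss:.3f}"
        print(f"P{priority(f)}  {f.cve}  epss={epss}  cvss={f.cvss}  kev={f.in_kev}")
```

Run as written, the CVSS 7.5 finding with 90% EPSS comes out first and the CVSS 9.8 finding with 0.1% EPSS comes out last, which is exactly the inversion the paragraph above describes. The `epss is None` branch matters in practice: EPSS scores new CVEs on its next daily run, so a scanner that drops unscored findings would silently hide the freshest ones.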