Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 51 | CVE-2025-59287 | | 98.8th | 9.8 | KEV | CVE-2025-59287 is a critical deserialization vulnerability in Windows Server Update Service (WSUS) t |
| 52 | CVE-2025-57819 | | 98.8th | 9.8 | KEV | CVE-2025-57819 is a critical vulnerability in FreePBX that allows unauthenticated attackers to bypas |
| 53 | CVE-2025-27007 | | 98.8th | 9.8 | | This vulnerability allows attackers to escalate privileges in Brainstorm Force SureTriggers WordPres |
| 54 | CVE-2025-48827 | | 98.8th | 10.0 | | This vulnerability allows unauthenticated attackers to invoke protected API controller methods in vB |
| 55 | CVE-2020-36849 | | 98.7th | 9.8 | | The AIT CSV import/export WordPress plugin allows unauthenticated attackers to upload arbitrary file |
| 56 | CVE-2025-34111 | | 98.7th | 9.8 | | This vulnerability allows unauthenticated remote attackers to upload arbitrary files, including mali |
| 57 | CVE-2022-25369 | | 98.6th | 9.8 | | CVE-2022-25369 is an authentication bypass vulnerability in Dynamicweb CMS that allows unauthenticat |
| 58 | CVE-2025-54236 | | 98.6th | 9.1 | KEV | CVE-2025-54236 is an improper input validation vulnerability in Adobe Commerce (Magento) that allows |
| 59 | CVE-2012-10060 | | 98.6th | 9.8 | | CVE-2012-10060 is a critical stack-based buffer overflow vulnerability in Sysax Multi Server's SSH s |
| 60 | CVE-2010-20121 | | 98.6th | 9.8 | | EasyFTP Server versions up to 1.7.0.11 contain a critical stack-based buffer overflow vulnerability |
| 61 | CVE-2025-2775 | | 98.5th | 9.3 | KEV | SysAid On-Prem versions up to 23.3.40 contain an unauthenticated XML External Entity (XXE) vulnerabi |
| 62 | CVE-2024-55964 | | 98.5th | 9.8 | | This vulnerability allows authenticated attackers to execute arbitrary commands within Appsmith Dock |
| 63 | CVE-2025-52053 | | 98.5th | 9.8 | | This is a critical command injection vulnerability in TOTOLINK X6000R routers that allows unauthenti |
| 64 | CVE-2024-12847 | | 98.5th | 9.8 | | This CVE describes an authentication bypass vulnerability in NETGEAR DGN1000 routers that allows rem |
| 65 | CVE-2024-58136 | | 98.5th | 9.0 | KEV | This CVE describes a security regression in Yii 2 framework where improper handling of behavior atta |
| 66 | CVE-2025-32375 | | 98.5th | 9.8 | | CVE-2025-32375 is an insecure deserialization vulnerability in BentoML's runner server that allows r |
| 67 | CVE-2025-10035 | | 98.5th | 10.0 | KEV | A critical deserialization vulnerability in Fortra's GoAnywhere MFT License Servlet allows attackers |
| 68 | CVE-2025-42999 | | 98.5th | 9.1 | KEV | CVE-2025-42999 is a deserialization vulnerability in SAP NetWeaver Visual Composer Metadata Uploader |
| 69 | CVE-2012-10020 | | 98.4th | 9.8 | | The FoxyPress WordPress plugin versions up to 0.4.2.1 allow unauthenticated attackers to upload arbi |
| 70 | CVE-2025-23061 | | 98.4th | 9.0 | | Mongoose before version 8.9.5 contains a search injection vulnerability when using nested $where fil |
| 71 | CVE-2012-10019 | | 98.4th | 9.8 | | The Front End Editor WordPress plugin before version 2.3 allows unauthenticated attackers to upload |
| 72 | CVE-2025-48703 | | 98.4th | 9.0 | KEV | CVE-2025-48703 allows unauthenticated attackers to execute arbitrary commands on CWP (Control Web Pa |
| 73 | CVE-2015-10138 | | 98.4th | 9.8 | | The Work The Flow File Upload WordPress plugin has an unauthenticated arbitrary file upload vulnerab |
| 74 | CVE-2025-24865 | | 98.4th | 10.0 | | CVE-2025-24865 allows unauthenticated access to the mySCADA myPRO Manager administrative web interfa |
| 75 | CVE-2015-10143 | | 98.4th | 9.8 | | The Platform theme for WordPress has an authentication bypass vulnerability that allows unauthentica |
| 76 | CVE-2010-20113 | | 98.3rd | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on EasyFTP Server by exploiting |
| 77 | CVE-2025-54309 | | 98.3rd | 9.0 | KEV | This vulnerability in CrushFTP allows remote attackers to bypass AS2 validation and gain administrat |
| 78 | CVE-2015-10135 | | 98.3rd | 9.8 | | The WPshop 2 E-Commerce plugin for WordPress versions before 1.3.9.6 allows unauthenticated attacker |
| 79 | CVE-2025-9242 | | 98.3rd | 9.8 | KEV | An out-of-bounds write vulnerability in WatchGuard Fireware OS allows remote unauthenticated attacke |
| 80 | CVE-2026-1731 | | 98.3rd | 9.8 | KEV | BeyondTrust Remote Support and older Privileged Remote Access versions contain a critical pre-authen |
| 81 | CVE-2025-62368 | | 98.3rd | 9.0 | | This CVE describes a remote code execution vulnerability in Taiga project management platform due to |
| 82 | CVE-2025-55182 | | 98.3rd | 10.0 | KEV | A critical pre-authentication remote code execution vulnerability exists in React Server Components |
| 83 | CVE-2013-10040 | | 98.2nd | 9.8 | | CVE-2013-10040 is an unauthenticated arbitrary file upload vulnerability in ClipBucket versions 2.6 |
| 84 | CVE-2013-10048 | | 98.2nd | 9.8 | | This CVE describes an unauthenticated remote command execution vulnerability in legacy D-Link router |
| 85 | CVE-2025-22224 | | 98.2nd | 9.3 | KEV | This CVE describes a TOCTOU vulnerability in VMware ESXi and Workstation that allows local administr |
| 86 | CVE-2022-3365 | | 98.1st | 9.8 | | CVE-2022-3365 allows remote attackers to execute arbitrary operating system commands on systems runn |
| 87 | CVE-2023-53941 | | 98.1st | 9.8 | | EasyPHP Webserver 14.1 contains an unauthenticated OS command injection vulnerability that allows re |
| 88 | CVE-2025-14611 | | 98.1st | 9.8 | KEV | This vulnerability in Gladinet CentreStack and Triofox involves hardcoded AES encryption keys, allow |
| 89 | CVE-2025-34299 | | 98.1st | 9.8 | | CVE-2025-34299 is an unauthenticated arbitrary file upload vulnerability in Monsta FTP versions 2.11 |
| 90 | CVE-2025-36846 | | 98.1st | 9.8 | | This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o |
| 91 | CVE-2025-22457 | | 98th | 9.0 | KEV | A stack-based buffer overflow vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateway |
| 92 | CVE-2026-23760 | | 98th | 9.8 | KEV | CVE-2026-23760 is an authentication bypass vulnerability in SmarterMail's password reset API that al |
| 93 | CVE-2012-10021 | | 98th | 9.8 | | This CVE describes a critical stack-based buffer overflow vulnerability in D-Link DIR-605L routers t |
| 94 | CVE-2026-1281 | | 97.9th | 9.8 | KEV | CVE-2026-1281 is a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) th |
| 95 | CVE-2025-50201 | | 97.9th | 9.8 | | CVE-2025-50201 is an unauthenticated OS command injection vulnerability in WeGIA web management soft |
| 96 | CVE-2025-2294 | | 97.9th | 9.8 | | The Kubio AI Page Builder WordPress plugin has a Local File Inclusion vulnerability that allows unau |
| 97 | CVE-2011-10018 | | 97.9th | 9.8 | | CVE-2011-10018 is a critical backdoor vulnerability in myBB 1.6.4 that allows unauthenticated remote |
| 98 | CVE-2025-22604 | | 97.9th | 9.1 | | CVE-2025-22604 is a command injection vulnerability in Cacti's SNMP result parser that allows authen |
| 99 | CVE-2025-32433 | | 97.7th | 10.0 | KEV | This CVE describes a critical vulnerability in Erlang/OTP's SSH server that allows unauthenticated r |
| 100 | CVE-2025-6205 | | 97.7th | 9.1 | KEV | A missing authorization vulnerability in DELMIA Apriso allows attackers to bypass authentication and |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.