Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary
51 | CVE-2025-15224 | 0.05% | 16.5th | 3.1 | Curl incorrectly uses SSH agent authentication for SCP/SFTP transfers even when explicitly configure
52 | CVE-2026-22611 | 0.05% | 16.1th | 3.7 | The AWS SDK for .NET vulnerability allows attackers with environment access to redirect AWS API call
53 | CVE-2025-9218 | 0.05% | 16.2th | 3.7 | The rtMedia plugin for WordPress (also used with BuddyPress and bbPress) versions 4.7.0 to 4.7.3 has
54 | CVE-2025-15117 | 0.05% | 16th | 3.1 | This vulnerability in Dromara Sa-Token allows remote attackers to execute arbitrary code through ins
55 | CVE-2025-13643 | 0.05% | 16.2th | 3.1 | A privilege escalation vulnerability in MongoDB Server allows users with limited privileges to termi
56 | CVE-2025-15153 | 0.05% | 16.2th | 3.7 | This vulnerability in PbootCMS allows attackers to access sensitive files or directories through man
57 | CVE-2025-12616 | 0.05% | 15.9th | 3.7 | This vulnerability in PHPGurukul News Portal 1.0 allows remote attackers to extract sensitive inform
58 | CVE-2025-15214 | 0.05% | 15.8th | 2.4 | This vulnerability allows attackers to inject malicious scripts into the Campcodes Park Ticketing Sy
59 | CVE-2025-15105 | 0.05% | 15.6th | 3.7 | This vulnerability in getmaxun maxun up to version 0.0.28 involves the use of hard-coded cryptograph
60 | CVE-2025-15121 | 0.05% | 15.8th | 2.4 | This vulnerability in JeecgBoot allows attackers to exploit the getDeptRoleByUserId function by mani
61 | CVE-2026-0988 | 0.05% | 15.7th | 3.7 | An integer overflow vulnerability in glib's g_buffered_input_stream_peek() function allows attackers
62 | CVE-2025-13805 | 0.05% | 15.8th | 3.7 | This vulnerability in NutzBoot's LiteRpc-Serializer component allows remote attackers to execute arb
63 | CVE-2025-14651 | 0.05% | 15.6th | 3.7 | This vulnerability in MartialBE one-hub involves the use of a hard-coded cryptographic key for sessi
64 | CVE-2026-22920 | 0.05% | 15.7th | 3.7 | This vulnerability affects devices where passwords are stored without proper salting, allowing attac
65 | CVE-2025-67639 | 0.05% | 15.2th | 3.5 | A CSRF vulnerability in Jenkins allows attackers to trick authenticated users into logging into the
66 | CVE-2025-15005 | 0.05% | 15.6th | 3.7 | CVE-2025-15005 is a security vulnerability in CouchCMS up to version 2.4 where the reCAPTCHA handler
67 | CVE-2025-11219 | 0.05% | 15.3th | 3.1 | A use-after-free vulnerability in Chrome's V8 JavaScript engine allows attackers to potentially acce
68 | CVE-2025-36102 | 0.05% | 14.9th | 2.7 | This vulnerability allows privileged users in IBM Controller/Cognos Controller to bypass server-side
69 | CVE-2026-2391 | 0.05% | 15.2th | 3.7 | This vulnerability in the qs library allows attackers to bypass array size limits when comma-separat
70 | CVE-2025-15219 | 0.05% | 15th | 3.5 | This is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud that allows attackers to inj
71 | CVE-2026-1588 | 0.05% | 15th | 2.7 | This CVE describes a path traversal vulnerability in jshERP up to version 3.6 that allows remote att
72 | CVE-2025-15175 | 0.05% | 15th | 3.5 | This is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud that allows attackers to inj
73 | CVE-2025-65046 | 0.05% | 14.6th | 3.1 | This vulnerability in Microsoft Edge allows attackers to spoof content in the browser's address bar
74 | CVE-2025-4614 | 0.05% | 14.9th | 2.7 | An authenticated administrator in Palo Alto Networks PAN-OS software can view session tokens of user
75 | CVE-2026-1743 | 0.05% | 14.7th | 3.1 | This CVE describes an authentication bypass vulnerability in DJI drone models (Mavic Mini, Air, Spar
76 | CVE-2025-13584 | 0.05% | 14.2th | 3.5 | This is a stored cross-site scripting (XSS) vulnerability in Eigenfocus up to version 1.4.0. Attacke
77 | CVE-2026-1791 | 0.05% | 14.3th | 2.7 | This vulnerability allows attackers to upload malicious files to Hillstone Networks Operation and Ma
78 | CVE-2025-13182 | 0.05% | 14.5th | 3.5 | This vulnerability allows attackers to inject malicious scripts via the Title parameter in the pojoi
79 | CVE-2026-23522 | 0.05% | 14.4th | 3.7 | This vulnerability in LobeChat allows authenticated users to delete files from any knowledge base wi
80 | CVE-2025-14822 | 0.05% | 14.3th | 3.1 | Mattermost versions 10.11.0 through 10.11.8 have a CPU exhaustion vulnerability where authenticated
81 | CVE-2025-13232 | 0.05% | 14.2th | 3.5 | This CVE describes a cross-site scripting (XSS) vulnerability in ProjectSend's File Editor/Custom Do
82 | CVE-2025-15107 | 0.05% | 14.2th | 3.7 | This vulnerability in ActionTech SQLE involves a hard-coded cryptographic key in the JWT Secret Hand
83 | CVE-2025-20385 | 0.05% | 14.3th | 2.4 | This is a stored cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Plat
84 | CVE-2025-65228 | 0.05% | 14.1th | 3.5 | A stored cross-site scripting vulnerability in the R.V.R. Elettronica TLK302T telemetry controller w
85 | CVE-2025-65858 | 0.05% | 14.1th | 3.5 | A stored cross-site scripting vulnerability in Calibre-Web allows attackers to inject malicious Java
86 | CVE-2025-13469 | 0.05% | 13.8th | 2.4 | This vulnerability allows attackers to inject malicious scripts into the payment instructions settin
87 | CVE-2026-23996 | 0.05% | 13.6th | 3.7 | FastAPI API Key version 1.1.0 has a timing side-channel vulnerability in verify_key() that allows at
88 | CVE-2025-15242 | 0.05% | 13.7th | 3.1 | A race condition vulnerability exists in PHPEMS coupon handling functionality, allowing attackers to
89 | CVE-2025-14697 | 0.05% | 13.8th | 3.7 | This vulnerability in Shenzhen Sixun Software Sixun Shanghui Group Business Management System allows
90 | CVE-2025-13412 | 0.04% | 13.2th | 2.4 | Campcodes Retro Basketball Shoes Online Store 1.0 contains a cross-site scripting (XSS) vulnerabilit
91 | CVE-2025-13484 | 0.04% | 13.2th | 2.4 | This vulnerability allows attackers to inject malicious scripts into the Campcodes Complete Online B
92 | CVE-2025-15398 | 0.04% | 13.1th | 3.7 | This vulnerability in Uasoft Badaso allows attackers to exploit weak password recovery mechanisms in
93 | CVE-2025-15454 | 0.04% | 12.9th | 3.1 | This CVE describes a cross-site scripting (XSS) vulnerability in zhanglun lettura RSS reader softwar
94 | CVE-2025-14005 | 0.04% | 13th | 2.4 | This is a cross-site scripting (XSS) vulnerability in XunRuiCMS up to version 4.7.1 that allows atta
95 | CVE-2025-14007 | 0.04% | 13th | 2.0 | This vulnerability allows attackers to inject malicious scripts via the domain name binding page in
96 | CVE-2025-55254 | 0.04% | 12.8th | 3.7 | This vulnerability in HCL BigFix Remote Control Lite Web Portal allows attackers to execute maliciou
97 | CVE-2025-14013 | 0.04% | 13th | 2.4 | This vulnerability allows attackers to inject malicious scripts into JIZHICMS comment sections throu
98 | CVE-2025-13784 | 0.04% | 13th | 2.4 | This is a cross-site scripting (XSS) vulnerability in the yungifez Skuul School Management System th
99 | CVE-2025-14244 | 0.04% | 13th | 2.4 | GreenCMS 2.3.0603 contains a cross-site scripting (XSS) vulnerability in the Menu Management Page's
100 | CVE-2025-20388 | 0.04% | 13.1th | 2.7 | This vulnerability allows authenticated users with the 'change_authentication' capability to enumera

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.
