Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank  CVE ID          EPSS   Percentile  CVSS  Summary
1001  CVE-2025-26927  0.41%  61.1        10.0  This critical vulnerability in the EPC AI Hub WordPress plugin allows attackers to upload arbitrary
1002  CVE-2025-11200  0.41%  61          9.8   This vulnerability allows remote attackers to bypass authentication in MLflow installations due to w
1003  CVE-2024-8502   0.41%  61          9.8   This vulnerability allows remote attackers to execute arbitrary code on servers running modelscope/a
1004  CVE-2025-6559   0.41%  61          9.8   Multiple Sapido wireless router models contain an unauthenticated remote OS command injection vulner
1005  CVE-2025-48626  0.41%  61          9.8   This Android vulnerability allows attackers to launch applications from the background without user
1006  CVE-2025-4104   0.41%  60.9        9.8   The Frontend Dashboard WordPress plugin versions 1.0 to 2.2.6 contain a privilege escalation vulnera
1007  CVE-2025-67489  0.41%  60.9        9.8   CVE-2025-67489 allows remote attackers to execute arbitrary code on Vite development servers using v
1008  CVE-2025-27096  0.41%  60.8        9.8   A SQL injection vulnerability in WeGIA's personalizacao_upload.php endpoint allows authenticated att
1009  CVE-2025-26610  0.41%  60.8        9.8   A SQL injection vulnerability in WeGIA's restaurar_produto_desocultar.php endpoint allows authentica
1010  CVE-2025-3623   0.41%  60.8        9.1   The Uncanny Automator WordPress plugin contains a PHP object injection vulnerability that allows una
1011  CVE-2025-9809   0.41%  60.6        9.8   This vulnerability allows remote attackers to execute arbitrary code by providing a specially crafte
1012  CVE-2025-46122  0.41%  60.6        9.1   This vulnerability allows authenticated attackers to execute arbitrary commands as root on Ruckus Un
1013  CVE-2025-24957  0.41%  60.5        9.8   This SQL injection vulnerability in WeGIA's get_detalhes_socio.php endpoint allows authenticated att
1014  CVE-2025-24905  0.41%  60.5        9.8   CVE-2025-24905 is a critical SQL injection vulnerability in WeGIA's get_codigobarras_cobranca.php en
1015  CVE-2025-8854   0.41%  60.5        9.8   A stack-based buffer overflow vulnerability in bulletphysics bullet3's LoadOFF function allows remot
1016  CVE-2025-20260  0.41%  60.4        9.8   A critical buffer overflow vulnerability in ClamAV's PDF scanning allows remote attackers to crash t
1017  CVE-2025-5309   0.41%  60.4        9.8   A Server-Side Template Injection vulnerability in BeyondTrust's Remote Support and Privileged Remote
1018  CVE-2025-50475  0.41%  60.5        9.8   An unauthenticated OS command injection vulnerability in Russound MBX-PRE-D67F firmware allows attac
1019  CVE-2025-30841  0.4%   60.4        9.9   This path traversal vulnerability in the Countdown & Clock WordPress plugin allows attackers to incl
1020  CVE-2026-2095   0.4%   60.2        9.8   Agentflow software from Flowring contains an authentication bypass vulnerability that allows unauthe
1021  CVE-2025-61808  0.4%   60.2        9.1   This vulnerability allows high-privileged attackers to upload dangerous file types to ColdFusion ser
1022  CVE-2026-1357   0.4%   60.1        9.8   This vulnerability allows unauthenticated attackers to upload arbitrary PHP files to WordPress sites
1023  CVE-2025-53766  0.4%   60          9.8   A heap-based buffer overflow vulnerability in Windows GDI+ allows remote attackers to execute arbitr
1024  CVE-2025-31691  0.4%   59.9        9.8   This vulnerability allows attackers to bypass authorization checks in Drupal OAuth2 Server through f
1025  CVE-2025-29315  0.4%   59.9        9.8   This vulnerability allows attackers to bypass Shiro-based RBAC controls in OpenDaylight SFC, enablin
1026  CVE-2024-55573  0.39%  59.8        9.1   A critical SQL injection vulnerability in Centreon centreon-web allows authenticated users with high
1027  CVE-2025-26325  0.39%  59.8        9.8   ShopXO 6.4.0 contains an unrestricted file upload vulnerability in ThemeDataService.php that allows
1028  CVE-2024-29643  0.39%  59.8        9.1   This vulnerability allows attackers to perform Host header injection in Croogo v3.0.2 via the feed.r
1029  CVE-2023-54329  0.39%  59.8        9.8   CVE-2023-54329 is a critical remote command execution vulnerability in Inbit Messenger versions 4.6.
1030  CVE-2025-0867   0.39%  59.7        9.9   This vulnerability allows standard users to execute commands with administrative privileges through
1031  CVE-2025-32583  0.39%  59.7        9.9   This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
1032  CVE-2025-31715  0.39%  59.6        9.8   CVE-2025-31715 is a command injection vulnerability in vowifi service that allows remote attackers t
1033  CVE-2025-12871  0.39%  59.7        9.8   CVE-2025-12871 is an authentication abuse vulnerability in a+HRD software that allows unauthenticate
1034  CVE-2025-22937  0.39%  59.5        9.8   This vulnerability in Adtran 411 ONT devices allows attackers to escalate privileges from a lower-pr
1035  CVE-2025-31330  0.39%  59.5        9.9   CVE-2025-31330 is a critical code injection vulnerability in SAP Landscape Transformation (SLT) that
1036  CVE-2025-27429  0.39%  59.5        9.9   This critical vulnerability in SAP S/4HANA allows authenticated users to inject arbitrary ABAP code
1037  CVE-2024-45438  0.39%  59.5        9.1   CVE-2024-45438 is an authentication bypass vulnerability in TitanHQ SpamTitan Email Security Gateway
1038  CVE-2025-6688   0.39%  59.5        9.8   The Simple Payment WordPress plugin contains an authentication bypass vulnerability that allows unau
1039  CVE-2025-4973   0.39%  59.5        9.8   The Workreap WordPress plugin has an authentication bypass vulnerability that allows unauthenticated
1040  CVE-2025-24102  0.39%  59.3        9.8   This CVE describes an information disclosure vulnerability in Apple operating systems where an app c
1041  CVE-2025-47781  0.39%  59.3        9.8   CVE-2025-47781 allows unauthenticated attackers to brute-force 6-digit authentication tokens in Rall
1042  CVE-2025-62521  0.39%  59.3        10.0  CVE-2025-62521 is a critical pre-authentication remote code execution vulnerability in ChurchCRM tha
1043  CVE-2025-9113   0.39%  59.2        9.8   The Doccure WordPress theme allows unauthenticated attackers to upload arbitrary files due to missin
1044  CVE-2024-49688  0.38%  59.2        9.8   This vulnerability allows unauthenticated attackers to perform PHP object injection through deserial
1045  CVE-2025-1066   0.38%  59.1        9.8   OpenPLC_V3 contains an arbitrary file upload vulnerability that allows attackers to upload malicious
1046  CVE-2025-3603   0.38%  59.1        9.8   The Flynax Bridge WordPress plugin has a critical authentication bypass vulnerability that allows un
1047  CVE-2024-57473  0.38%  59.1        9.8   H3C N12 V100R005 routers contain a critical buffer overflow vulnerability in the MAC address editing
1048  CVE-2024-57480  0.38%  59.1        9.8   H3C N12 V100R005 wireless access points contain a critical buffer overflow vulnerability in their we
1049  CVE-2024-57471  0.38%  59.1        9.8   H3C N12 V100R005 wireless routers contain a buffer overflow vulnerability in their 2.4G wireless net
1050  CVE-2025-26506  0.38%  59.1        9.8   This vulnerability allows attackers to execute arbitrary code with elevated privileges on affected H

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it a useful input for deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical-severity CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high-severity CVSS 7.5 vulnerability with a 90% EPSS score. EPSS is a probability estimate rather than evidence of exploitation, so a CISA KEV listing, which records exploitation that has actually been observed, should take precedence over a low EPSS score.
