Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics for this dataset:
164 CVEs with EPSS > 50%
156 CVEs listed in the CISA KEV catalog
35,468 CVEs with an EPSS score
0.7% average EPSS score
Ranks 1001 to 1050 (EPSS score, EPSS percentile, CVSS base score, flags, summary):

Rank | CVE ID         | EPSS  | Percentile | CVSS | Flags | Summary
1001 | CVE-2025-4820  | 0.25% | 48.3       | 5.3  |       | This vulnerability in Cloudflare's quiche QUIC library allows attackers to manipulate congestion con
1002 | CVE-2025-49559 | 0.25% | 48.3       | 5.3  |       | This CVE describes a path traversal vulnerability in Adobe Commerce that allows attackers to bypass
1003 | CVE-2024-12332 | 0.25% | 48.3       | 6.5  |       | The WPSchoolPress WordPress plugin contains a SQL injection vulnerability in the 'cid' parameter tha
1004 | CVE-2025-10548 | 0.25% | 48.2       | 6.5  |       | CleverControl employee monitoring software fails to validate TLS certificates during installation, a
1005 | CVE-2024-10970 | 0.25% | 48.1       | 5.4  |       | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex
1006 | CVE-2025-2748  | 0.25% | 48.2       | 6.1  |       | Kentico Xperience has a stored cross-site scripting (XSS) vulnerability in its multiple-file upload
1007 | CVE-2025-27980 | 0.25% | 48.1       | 6.5  |       | Cashbook v4.0.3 contains an arbitrary file read vulnerability in the /api/entry/flow/invoice/show en
1008 | CVE-2023-53775 | 0.25% | 48.0       | 6.5  |       | CVE-2023-53775 is an authentication bypass vulnerability in Screen SFT DAB 1.9.3 that allows attacke
1009 | CVE-2025-9952  | 0.25% | 47.9       | 6.1  |       | This vulnerability allows unauthenticated attackers to inject malicious scripts via the 'range-date'
1010 | CVE-2024-11499 | 0.25% | 47.8       | 4.9  |       | An authenticated attacker can trigger a restart of RTU500 CMU units by updating certificates during
1011 | CVE-2025-46550 | 0.25% | 47.7       | 4.3  |       | This is a reflected cross-site scripting (XSS) vulnerability in YesWiki's /?BazaR endpoint via the i
1012 | CVE-2025-33028 | 0.25% | 47.8       | 6.1  |       | This CVE describes a Mark-of-the-Web bypass vulnerability in WinZip where extracted files from craft
1013 | CVE-2025-5257  | 0.25% | 47.8       | 6.5  |       | This vulnerability allows unauthenticated users to access unpublished page previews in Mautic via pr
1014 | CVE-2025-8310  | 0.25% | 47.8       | 6.5  |       | This vulnerability allows authenticated remote attackers to reset administrator passwords in Ivanti
1015 | CVE-2025-13320 | 0.25% | 47.7       | 6.8  |       | The WP User Manager WordPress plugin has an arbitrary file deletion vulnerability that allows authen
1016 | CVE-2025-25186 | 0.25% | 47.7       | 6.5  |       | This vulnerability in Ruby's Net::IMAP library allows a malicious IMAP server to cause denial of ser
1017 | CVE-2025-1705  | 0.25% | 47.7       | 6.1  |       | The tagDiv Composer WordPress plugin has a CSRF vulnerability that allows unauthenticated attackers
1018 | CVE-2025-2339  | 0.25% | 47.7       | 5.3  |       | CVE-2025-2339 is an improper authentication vulnerability in otale Tale Blog 2.0.5 that allows remot
1019 | CVE-2025-3573  | 0.25% | 47.7       | 6.1  |       | This vulnerability allows attackers to inject malicious scripts into web pages using the jQuery Vali
1020 | CVE-2025-32201 | 0.25% | 47.6       | 4.3  |       | This CVE describes a missing authorization vulnerability in the Xpro Theme Builder WordPress plugin
1021 | CVE-2025-68389 | 0.25% | 47.7       | 6.5  |       | This vulnerability allows authenticated Kibana users with low privileges to send crafted HTTP reques
1022 | CVE-2025-21566 | 0.25% | 47.6       | 6.5  |       | This vulnerability in Oracle MySQL Server's optimizer component allows attackers with low-privileged
1023 | CVE-2024-12806 | 0.25% | 47.6       | 4.9  |       | This post-authentication absolute path traversal vulnerability in SonicOS management interfaces allo
1024 | CVE-2024-7425  | 0.25% | 47.6       | 6.8  |       | The WP ALL Export Pro WordPress plugin has an authentication bypass vulnerability that allows authen
1025 | CVE-2025-3407  | 0.25% | 47.6       | 6.3  |       | This critical vulnerability in the stb library allows remote attackers to trigger an out-of-bounds r
1026 | CVE-2025-32703 | 0.25% | 47.6       | 5.5  |       | This vulnerability in Visual Studio allows authenticated local attackers to bypass access controls a
1027 | CVE-2025-0353  | 0.25% | 47.5       | 6.4  |       | The Divi Torque Lite WordPress plugin has a stored cross-site scripting vulnerability that allows au
1028 | CVE-2025-21242 | 0.25% | 47.5       | 5.9  |       | This Windows Kerberos vulnerability allows attackers to disclose sensitive information from memory.
1029 | CVE-2024-12158 | 0.25% | 47.5       | 5.3  |       | This vulnerability allows unauthenticated attackers to delete database data in the Ultimate Popup Cr
1030 | CVE-2025-26619 | 0.25% | 47.4       | 6.1  |       | This vulnerability allows attackers to execute arbitrary JavaScript functions through Vega's express
1031 | CVE-2024-55060 | 0.25% | 47.5       | 6.1  |       | This cross-site scripting (XSS) vulnerability in Rafed CMS Website v1.44 allows attackers to inject
1032 | CVE-2024-9618  | 0.25% | 47.5       | 6.4  |       | This stored XSS vulnerability in the Master Addons WordPress plugin allows authenticated attackers w
1033 | CVE-2025-1816  | 0.25% | 47.5       | 4.3  |       | A memory leak vulnerability in FFmpeg's IAMF file handler allows remote attackers to cause resource
1034 | CVE-2025-25984 | 0.24% | 47.3       | 6.8  |       | This vulnerability in Macro-video Technologies V380E6_C1 IP cameras allows a physically proximate at
1035 | CVE-2025-29453 | 0.24% | 47.4       | 6.5  |       | This vulnerability in Personal Management System 1.4.65 allows remote attackers to access sensitive
1036 | CVE-2025-29454 | 0.24% | 47.4       | 6.5  |       | A Server-Side Request Forgery (SSRF) vulnerability in Personal Management System version 1.4.65 allo
1037 | CVE-2025-29449 | 0.24% | 47.4       | 6.5  |       | A Server-Side Request Forgery (SSRF) vulnerability in twonav v2.1.18-20241105 allows remote attacker
1038 | CVE-2025-62649 | 0.24% | 47.4       | 5.8  |       | This vulnerability allows attackers to submit unauthorized equipment orders by bypassing server-side
1039 | CVE-2025-0473  | 0.24% | 47.2       | 6.5  |       | This vulnerability in the PMB platform allows attackers to persist temporary files on the server by
1040 | CVE-2025-21215 | 0.24% | 47.2       | 4.6  |       | CVE-2025-21215 is a Secure Boot security feature bypass vulnerability that allows attackers with phy
1041 | CVE-2025-25462 | 0.24% | 47.3       | 5.5  |       | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu
1042 | CVE-2024-12510 | 0.24% | 47.3       | 6.7  |       | This vulnerability in Xerox printers allows attackers with admin access to redirect LDAP authenticat
1043 | CVE-2024-47239 | 0.24% | 47.2       | 6.5  |       | Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption
1044 | CVE-2025-26350 | 0.24% | 47.2       | 4.9  |       | This vulnerability allows authenticated remote attackers to upload malicious files to Q-Free MaxTime
1045 | CVE-2025-11939 | 0.24% | 47.2       | 4.7  |       | This vulnerability in ChurchCRM allows attackers to perform path traversal attacks via the restoreFi
1046 | CVE-2024-12030 | 0.24% | 47.1       | 6.5  |       | This SQL injection vulnerability in the MDTF WordPress plugin allows authenticated attackers with Co
1047 | CVE-2023-36881 | 0.24% | 47.1       | 4.5  |       | CVE-2023-36881 is a cross-site scripting (XSS) vulnerability in Azure Apache Ambari that allows atta
1048 | CVE-2025-0570  | 0.24% | 47.0       | 6.5  |       | This vulnerability allows authenticated remote attackers to cause denial-of-service conditions on Sa
1049 | CVE-2024-23814 | 0.24% | 47.0       | 5.3  |       | This vulnerability allows unauthenticated remote attackers to cause a temporary denial of service in
1050 | CVE-2018-15899 | 0.24% | 47.0       | 6.1  |       | This is a cross-site scripting (XSS) vulnerability in MiniCMS 1.10 that allows attackers to inject m

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Scores are recomputed daily, so a CVE's EPSS value changes over time as new exploitation evidence arrives. The percentile column places a CVE's score relative to all other scored CVEs: a percentile of 48.3 means the CVE scores at or above 48.3% of the population. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it a better input for deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. A CISA KEV listing is stronger still: it records confirmed exploitation rather than a prediction, so KEV entries should be handled ahead of any EPSS threshold.
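The prioritization rule described above, as an added example that is not part of the original page or of any FIRST.org tooling: parse an EPSS lookup result, join it with a scanner inventory carrying CVSS and KEV status, and order the findings KEV first, then by an EPSS threshold, then by critical CVSS as a fallback for low- or unknown-EPSS items. The JSON payload mirrors the field names of FIRST's EPSS API response (cve, epss, percentile, date, all as strings) as I understand it; the values, the CVE-0000-* identifiers and the inventory are constructed for this illustration and are not real CVEs.

```python
"""Rank scanner findings by exploit likelihood: KEV, then EPSS, then CVSS."""
import json

# Constructed sample in the shape of a FIRST EPSS API lookup
# (https://api.first.org/data/v1/epss). Identifiers and values are placeholders,
# not real CVEs; 'epss' and 'percentile' arrive as decimal strings.
EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.00100", "percentile": "0.30000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.90000", "percentile": "0.99900", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.00250", "percentile": "0.48300", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.12000", "percentile": "0.95000", "date": "2025-01-01"},
    ],
})

# Constructed inventory for one host: CVSS base score and CISA KEV status per finding.
# CVE-0000-0005 deliberately has no EPSS record, to exercise the unknown-EPSS path.
INVENTORY = [
    {"cve": "CVE-0000-0001", "cvss": 9.8, "kev": False},   # critical CVSS, negligible EPSS
    {"cve": "CVE-0000-0002", "cvss": 7.5, "kev": False},   # high CVSS, 90% EPSS
    {"cve": "CVE-0000-0003", "cvss": 6.5, "kev": False},   # the typical 0.25% / 48th-percentile row
    {"cve": "CVE-0000-0004", "cvss": 5.3, "kev": True},    # medium CVSS but confirmed exploited
    {"cve": "CVE-0000-0005", "cvss": 9.1, "kev": False},   # critical CVSS, EPSS not yet published
]


def parse_epss(payload):
    """Map CVE id -> (epss probability, percentile) as floats in [0, 1]."""
    scores = {}
    for row in json.loads(payload)["data"]:
        scores[row["cve"]] = (float(row["epss"]), float(row["percentile"]))
    return scores


def tier(finding, epss_threshold=0.1):
    """Return (tier, reason); lower tier number means patch sooner.

    Tier 0: confirmed exploitation (KEV) outranks any prediction.
    Tier 1: EPSS at or above the threshold (10% by default; tune per risk appetite).
    Tier 2: critical CVSS with low or unknown EPSS (do not silently backlog unknowns).
    Tier 3: everything else.
    """
    if finding["kev"]:
        return 0, "CISA KEV"
    epss = finding["epss"]
    if epss is not None and epss >= epss_threshold:
        return 1, f"EPSS {epss:.1%} >= {epss_threshold:.0%}"
    if finding["cvss"] >= 9.0:
        return 2, "critical CVSS, EPSS unknown" if epss is None else "critical CVSS, low EPSS"
    return 3, "backlog"


def rank_findings(inventory, epss_payload, epss_threshold=0.1):
    """Join inventory with EPSS data and return findings ordered most urgent first."""
    scores = parse_epss(epss_payload)
    ranked = []
    for item in inventory:
        epss, pct = scores.get(item["cve"], (None, None))
        finding = dict(item, epss=epss, percentile=pct)
        finding["tier"], finding["reason"] = tier(finding, epss_threshold)
        ranked.append(finding)
    # Within a tier: higher EPSS first, unknown EPSS last, then higher CVSS first.
    ranked.sort(key=lambda f: (f["tier"],
                               -(f["epss"] if f["epss"] is not None else -1.0),
                               -f["cvss"]))
    return ranked


if __name__ == "__main__":
    for f in rank_findings(INVENTORY, EPSS_RESPONSE):
        epss = "n/a" if f["epss"] is None else f"{f['epss']:.2%}"
        print(f"tier {f['tier']}  {f['cve']}  EPSS {epss:>6}  CVSS {f['cvss']}  ({f['reason']})")
```

The ordering reproduces the point in the text: the KEV entry comes first, the CVSS 7.5 / 90% EPSS finding outranks the CVSS 9.8 / 0.1% one, and the 0.25%-EPSS row that dominates ranks 1001 to 1050 lands in the backlog tier. The threshold and the CVSS 9.0 fallback are policy choices, not part of EPSS itself.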
