Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID           EPSS   Percentile  CVSS  Flags  Summary
1051  CVE-2025-14485   1.56%  81.1        5.0   -      This CVE describes a command injection vulnerability in the EFM ipTIME A3004T router's administrator
1052  CVE-2026-0773    1.55%  81.1        9.8   -      CVE-2026-0773 is a critical remote code execution vulnerability in Upsonic's Cloudpickle deserializa
1053  CVE-2026-0764    1.55%  81.1        9.8   -      CVE-2026-0764 is a critical deserialization vulnerability in GPT Academic's upload endpoint that all
1054  CVE-2026-0763    1.55%  81.1        9.8   -      CVE-2026-0763 is a critical deserialization vulnerability in GPT Academic's run_in_subprocess_wrappe
1055  CVE-2026-0760    1.55%  81.1        9.8   -      CVE-2026-0760 is a critical remote code execution vulnerability in Foundation Agents MetaGPT's deser
1056  CVE-2020-36867   1.55%  81.1        8.8   -      This vulnerability allows authenticated attackers in Nagios XI to execute arbitrary commands on the
1057  CVE-2025-59285   1.55%  81.1        7.0   -      CVE-2025-59285 is a deserialization vulnerability in Azure Monitor Agent that allows authenticated a
1058  CVE-2025-2249    1.55%  81.1        8.8   -      The SoJ SoundSlides WordPress plugin allows authenticated attackers with Contributor-level access or
1059  CVE-2025-32701   1.54%  81.1        7.8   KEV    This vulnerability is a use-after-free flaw in the Windows Common Log File System Driver that allows
1060  CVE-2026-1623    1.54%  81.1        6.3   -      This CVE describes a remote command injection vulnerability in Totolink A7000R routers. Attackers ca
1061  CVE-2025-9713    1.54%  81          8.8   -      CVE-2025-9713 is a path traversal vulnerability in Ivanti Endpoint Manager (EPM) that allows remote
1062  CVE-2025-2263    1.54%  81          9.8   -      This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Sante PACS S
1063  CVE-2024-13471   1.53%  81          7.5   -      The DesignThemes Core Features WordPress plugin contains a file inclusion vulnerability that allows
1064  CVE-2025-4603    1.53%  81          9.1   -      The eMagicOne Store Manager for WooCommerce WordPress plugin has an arbitrary file deletion vulnerab
1065  CVE-2025-21206   1.53%  81          7.3   -      This vulnerability in Visual Studio Installer allows attackers to elevate privileges on Windows syst
1066  CVE-2025-2505    1.53%  81          9.8   -      The Age Gate WordPress plugin contains a Local File Inclusion vulnerability that allows unauthentica
1067  CVE-2024-12419   1.52%  80.9        6.5   -      This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
1068  CVE-2025-46347   1.52%  80.9        9.8   -      YesWiki versions before 4.5.4 contain a remote code execution vulnerability that allows attackers to
1069  CVE-2025-14204   1.51%  80.9        6.3   -      This vulnerability allows remote attackers to execute arbitrary operating system commands on systems
1070  CVE-2025-28072   1.51%  80.9        7.5   -      PHPGurukul Pre-School Enrollment System contains a directory traversal vulnerability in manage-teach
1071  CVE-2025-33072   1.5%   80.8        8.1   -      An improper access control vulnerability in Microsoft Azure allows unauthorized attackers to access
1072  CVE-2025-29926   1.5%   80.8        9.8   -      This vulnerability allows any user to exploit the WikiManager REST API in XWiki Platform to create a
1073  CVE-2025-44071   1.49%  80.7        9.8   -      SeaCMS v13.3 contains a remote code execution vulnerability in phomebak.php that allows attackers to
1074  CVE-2025-21354   1.48%  80.7        8.4   -      This vulnerability allows remote code execution through specially crafted Excel files. Attackers can
1075  CVE-2025-26349   1.48%  80.7        7.2   -      This vulnerability allows authenticated remote attackers to overwrite arbitrary files on Q-Free MaxT
1076  CVE-2024-13499   1.48%  80.6        7.3   -      This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
1077  CVE-2025-0429    1.47%  80.6        7.2   -      This vulnerability allows authenticated WordPress administrators to perform PHP object injection thr
1078  CVE-2025-0428    1.47%  80.6        7.2   -      The AI Power: Complete AI Pack WordPress plugin up to version 1.8.96 contains a PHP object injection
1079  CVE-2026-21226   1.47%  80.6        7.5   -      This vulnerability in Azure Core shared client library for Python allows deserialization of untruste
1080  CVE-2026-1499    1.47%  80.6        9.8   -      The WP Duplicate plugin for WordPress has a critical vulnerability that allows authenticated attacke
1081  CVE-2025-0855    1.47%  80.6        9.8   -      The PGS Core WordPress plugin is vulnerable to PHP Object Injection via insecure deserialization in
1082  CVE-2024-55371   1.46%  80.6        9.8   -      Wallos versions up to 2.38.2 contain a file upload vulnerability in the restore backup function that
1083  CVE-2025-6225    1.46%  80.5        N/A   -      CVE-2025-6225 is a shell command injection vulnerability in Kieback&Peter Neutrino-GLT building mana
1084  CVE-2022-50794   1.46%  80.5        9.8   -      This vulnerability allows unauthenticated attackers to execute arbitrary system commands on SOUND4 I
1085  CVE-2025-2005    1.45%  80.5        9.8   -      The Front End Users WordPress plugin allows unauthenticated attackers to upload arbitrary files thro
1086  CVE-2026-1761    1.45%  80.5        8.6   -      A stack-based buffer overflow vulnerability in libsoup allows remote attackers to execute arbitrary
1087  CVE-2022-46763   1.45%  80.4        8.8   -      This SQL injection vulnerability in TrueConf Server allows low-privileged database users to execute
1088  CVE-2018-25122   1.44%  80.4        8.8   -      This vulnerability allows authenticated users of Nagios XI to execute arbitrary commands on the serv
1089  CVE-2025-4210    1.44%  80.4        7.3   -      This critical vulnerability in Casdoor allows attackers to bypass authorization checks when creating
1090  CVE-2024-54806   1.44%  80.4        9.8   -      CVE-2024-54806 allows remote attackers to execute arbitrary system commands on Netgear WNR854T route
1091  CVE-2022-50691   1.44%  80.4        9.8   -      CVE-2022-50691 is a critical remote command execution vulnerability in MiniDVBLinux 5.4 that allows
1092  CVE-2023-53914   1.44%  80.4        9.8   -      CVE-2023-53914 is an authentication bypass vulnerability in UliCMS 2023.1 that allows unauthenticate
1093  CVE-2025-64525   1.43%  80.4        6.5   -      Astro web framework versions 2.16.0 to 5.15.4 with on-demand rendering are vulnerable to header inje
1094  CVE-2025-25744   1.43%  80.3        9.8   -      This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-853 A1 routers by
1095  CVE-2025-49581   1.43%  80.3        8.8   -      This vulnerability in XWiki allows users with edit rights on any page (including their own profile)
1096  CVE-2024-10215   1.43%  80.3        9.8   -      The WPBookit WordPress plugin vulnerability allows unauthenticated attackers to change any user's pa
1097  CVE-2024-39784   1.42%  80.3        9.1   -      This CVE describes multiple command injection vulnerabilities in the Wavlink AC3000 router's nas.cgi
1098  CVE-2024-39764   1.42%  80.3        9.1   -      This CVE describes multiple OS command injection vulnerabilities in Wavlink AC3000 routers that allo
1099  CVE-2024-39762   1.42%  80.3        9.1   -      This CVE describes multiple OS command injection vulnerabilities in the Wavlink AC3000 router's inte
1100  CVE-2024-39794   1.42%  80.3        9.1   -      This vulnerability allows authenticated attackers to bypass permissions and inject configuration com

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
