Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1101 | CVE-2025-2325 | | 66.3th | 7.2 | | The WP Test Email plugin for WordPress has a stored cross-site scripting vulnerability that allows u… |
| 1102 | CVE-2025-3641 | | 66.3th | 8.8 | | A remote code execution vulnerability exists in Moodle's Dropbox repository feature, allowing authen… |
| 1103 | CVE-2025-32914 | | 66.3th | 7.4 | | CVE-2025-32914 is an out-of-bounds read vulnerability in libsoup's soup_multipart_new_from_message()… |
| 1104 | CVE-2025-34161 | | 66.3th | 8.8 | | Coolify versions before v4.0.0-beta.420.7 contain a command injection vulnerability in the Git Repos… |
| 1105 | CVE-2025-65562 | | 66.1th | 7.5 | | CVE-2025-65562 is an unauthenticated denial-of-service vulnerability in free5GC UPF where specially… |
| 1106 | CVE-2024-12549 | | 66th | 7.8 | | This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening… |
| 1107 | CVE-2022-50788 | | 66th | 7.5 | | CVE-2022-50788 is an information disclosure vulnerability in SOUND4 IMPACT/FIRST/PULSE/Eco systems t… |
| 1108 | CVE-2025-27617 | | 65.9th | 8.8 | | This SQL injection vulnerability in Pimcore allows authenticated users to craft malicious filter str… |
| 1109 | CVE-2023-53933 | | 65.9th | 8.8 | | CVE-2023-53933 is a remote code execution vulnerability in Serendipity 2.4.0 that allows authenticat… |
| 1110 | CVE-2025-8613 | | 65.8th | 7.2 | | This vulnerability allows authenticated remote attackers to execute arbitrary system commands on Vac… |
| 1111 | CVE-2025-56108 | | 65.8th | 8.8 | | This CVE describes an OS command injection vulnerability in Ruijie X30-PRO routers that allows attac… |
| 1112 | CVE-2024-10930 | | 65.8th | 7.8 | | This vulnerability allows attackers to perform DLL hijacking by placing a malicious DLL in a locatio… |
| 1113 | CVE-2025-21515 | | 65.7th | 8.8 | | This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low… |
| 1114 | CVE-2025-7038 | | 65.7th | 8.2 | | The LatePoint WordPress plugin contains an authentication bypass vulnerability that allows unauthent… |
| 1115 | CVE-2024-13418 | | 65.7th | 8.8 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to up… |
| 1116 | CVE-2025-3616 | | 65.7th | 8.8 | | The Greenshift WordPress plugin versions 11.4 to 11.4.5 contain a vulnerability that allows authenti… |
| 1117 | CVE-2025-5788 | | 65.7th | 8.8 | | This critical vulnerability in TOTOLINK X15 routers allows remote attackers to execute arbitrary cod… |
| 1118 | CVE-2025-5786 | | 65.7th | 8.8 | | A critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execute… |
| 1119 | CVE-2025-5785 | | 65.7th | 8.8 | | This critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execu… |
| 1120 | CVE-2024-54551 | | 65.6th | 7.5 | | This memory handling vulnerability in Apple's web content processing allows attackers to cause denia… |
| 1121 | CVE-2025-41444 | | 65.6th | 8.3 | | CVE-2025-41444 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus… |
| 1122 | CVE-2025-27709 | | 65.6th | 8.3 | | CVE-2025-27709 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus… |
| 1123 | CVE-2025-15256 | | 65.6th | 7.3 | | This CVE describes a command injection vulnerability in Edimax BR-6208AC routers that allows remote… |
| 1124 | CVE-2024-36465 | | 65.5th | 8.8 | | A SQL injection vulnerability in Zabbix allows authenticated low-privilege users with API access to… |
| 1125 | CVE-2024-13477 | | 65.4th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes WordPress plugin allows unauthenticated a… |
| 1126 | CVE-2025-29986 | | 65.4th | 8.3 | | Dell Common Event Enabler version 9.0.0.0 contains an improper restriction of communication channel… |
| 1127 | CVE-2025-60698 | | 65.4th | 7.3 | | This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows u… |
| 1128 | CVE-2025-60697 | | 65.4th | 7.3 | | This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows u… |
| 1129 | CVE-2025-31387 | | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c… |
| 1130 | CVE-2025-30835 | | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c… |
| 1131 | CVE-2025-39461 | | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Docket Cache WordPress plugin. At… |
| 1132 | CVE-2025-39429 | | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Széchenyi 2020 Logo WordPress pl… |
| 1133 | CVE-2025-31030 | | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Ray Enterprise Translation WordPr… |
| 1134 | CVE-2025-26889 | | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through PHP's include/requi… |
| 1135 | CVE-2025-32614 | | 65.3th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper input vali… |
| 1136 | CVE-2025-31098 | | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the DeBounce Email Validator WordPres… |
| 1137 | CVE-2025-2402 | | 65.3th | 8.6 | | KNIME Business Hub uses a hard-coded, non-random password for its MinIO object store, allowing unaut… |
| 1138 | CVE-2024-12705 | | 65.2th | 7.5 | | This vulnerability allows attackers to cause denial-of-service (DoS) against DNS resolvers by floodi… |
| 1139 | CVE-2025-27133 | | 65.2th | 8.8 | | This SQL injection vulnerability in WeGIA allows authenticated attackers to execute arbitrary SQL qu… |
| 1140 | CVE-2025-24902 | | 65.2th | 8.8 | | A SQL injection vulnerability in WeGIA's salvar_cargo.php endpoint allows authenticated attackers to… |
| 1141 | CVE-2025-23319 | | 65.2th | 8.1 | | NVIDIA Triton Inference Server's Python backend has a buffer overflow vulnerability where specially… |
| 1142 | CVE-2021-47758 | | 65.2th | 8.8 | | CVE-2021-47758 allows authenticated attackers to upload malicious PHP plugins through Chikitsa Patie… |
| 1143 | CVE-2024-13353 | | 65.1th | 8.8 | | This vulnerability allows authenticated attackers with Contributor-level access or higher to perform… |
| 1144 | CVE-2025-26670 | | 65.1th | 8.1 | | A use-after-free vulnerability in Windows LDAP allows unauthorized attackers to execute arbitrary co… |
| 1145 | CVE-2025-64050 | | 65.1th | 7.2 | | A Remote Code Execution vulnerability in REDAXO CMS 5.20.0 allows authenticated administrators to in… |
| 1146 | CVE-2025-3266 | | 65.1th | 7.3 | | A critical stack-based buffer overflow vulnerability exists in qinguoyi TinyWebServer versions up to… |
| 1147 | CVE-2025-50735 | | 65.1th | 7.5 | | A directory traversal vulnerability in NextChat's WebDAV proxy allows attackers to access sensitive… |
| 1148 | CVE-2024-9363 | | 65th | 7.5 | | An unauthenticated attacker can delete critical files like polyaxon.sock within Polyaxon containers,… |
| 1149 | CVE-2025-59358 | | 65th | 7.5 | | The Chaos Controller Manager in Chaos Mesh exposes an unauthenticated GraphQL debugging server that… |
| 1150 | CVE-2022-50939 | | 65th | 7.2 | | CVE-2022-50939 is a critical file upload vulnerability in e107 CMS version 3.2.1 that allows authent… |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.