Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1251 | CVE-2025-26339 | | 52.5th | 9.8 | | This vulnerability allows unauthenticated remote attackers to send crafted HTTP requests to Q-Free M |
| 1252 | CVE-2025-27667 | | 52.5th | 9.8 | | This vulnerability allows attackers to enumerate administrative user email addresses in Vasion Print |
| 1253 | CVE-2025-27665 | | 52.5th | 9.8 | | This vulnerability in Vasion Print (formerly PrinterLogic) allows insufficient antivirus protection |
| 1254 | CVE-2025-61622 | | 52.5th | 9.8 | | This vulnerability allows arbitrary code execution through deserialization of untrusted data in pyfo |
| 1255 | CVE-2024-57052 | | 52.3th | 9.8 | | A session fixation vulnerability in YoudianCMS v9.5.20 and earlier allows remote attackers to escala |
| 1256 | CVE-2025-26508 | | 52.3th | 9.8 | | This vulnerability allows attackers to execute arbitrary code and gain elevated privileges on affect |
| 1257 | CVE-2025-28197 | | 52.3th | 9.1 | | Crawl4AI versions up to 0.4.247 contain a Server-Side Request Forgery (SSRF) vulnerability in the as |
| 1258 | CVE-2025-56752 | | 52.3th | 9.4 | | This critical authentication bypass vulnerability in Ruijie RG-ES series switches allows remote atta |
| 1259 | CVE-2025-69766 | | 52.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploit |
| 1260 | CVE-2025-69763 | | 52.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploit |
| 1261 | CVE-2025-69762 | | 52.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploit |
| 1262 | CVE-2024-57581 | | 52.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC18 routers by exploi |
| 1263 | CVE-2025-62354 | | 52.1th | 9.8 | | This CVE describes a command injection vulnerability in Cursor that allows unauthorized attackers to |
| 1264 | CVE-2025-10484 | | 52.2th | 9.8 | | This vulnerability allows unauthenticated attackers to bypass authentication in the Registration & L |
| 1265 | CVE-2025-2470 | | 52th | 9.8 | | This vulnerability allows unauthenticated attackers to register WordPress accounts with arbitrary ro |
| 1266 | CVE-2025-46273 | | 52th | 9.8 | | CVE-2025-46273 is a critical vulnerability in UNI-NMS-Lite network management software where hard-co |
| 1267 | CVE-2025-0502 | | 52th | 9.1 | | This vulnerability allows attackers to access private files and directories in CrafterCMS through im |
| 1268 | CVE-2025-28091 | | 52th | 9.1 | | This SSRF vulnerability in maccms10 allows attackers to make the server send arbitrary HTTP requests |
| 1269 | CVE-2025-28089 | | 52th | 9.1 | | This SSRF vulnerability in maccms10 allows attackers to make the server send unauthorized requests t |
| 1270 | CVE-2025-25650 | | 51.9th | 9.1 | | This vulnerability in Dorset DG 201 Digital Lock allows attackers to clone NFC cards by exploiting i |
| 1271 | CVE-2025-46661 | | 52th | 10.0 | | CVE-2025-46661 is an unauthenticated remote code execution vulnerability in IPW Systems Metazo throu |
| 1272 | CVE-2025-7437 | | 51.9th | 9.8 | | The Ebook Store WordPress plugin allows unauthenticated attackers to upload arbitrary files due to m |
| 1273 | CVE-2025-6679 | | 51.9th | 9.8 | | The Bit Form builder plugin for WordPress allows unauthenticated attackers to upload arbitrary files |
| 1274 | CVE-2025-10220 | | 51.9th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code or bypass security features in |
| 1275 | CVE-2025-15471 | | 51.9th | 9.8 | | This CVE describes a remote command injection vulnerability in TRENDnet TEW-713RE routers. Attackers |
| 1276 | CVE-2024-51800 | | 51.8th | 9.8 | | CVE-2024-51800 is an incorrect privilege assignment vulnerability in the Favethemes Homey WordPress |
| 1277 | CVE-2025-32002 | | 51.9th | 9.8 | | This vulnerability allows remote unauthenticated attackers to execute arbitrary operating system com |
| 1278 | CVE-2025-45968 | | 51.9th | 9.8 | | System PDV v1.0 contains an Insecure Direct Object Reference (IDOR) vulnerability that allows remote |
| 1279 | CVE-2024-56973 | | 51.7th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Alvaria Unified IP Unified D |
| 1280 | CVE-2025-12539 | | 51.7th | 10.0 | | The TNC Toolbox: Web Performance WordPress plugin exposes cPanel API credentials in publicly accessi |
| 1281 | CVE-2025-13188 | | 51.7th | 9.8 | | A stack-based buffer overflow vulnerability in the authentication.cgi component of D-Link DIR-816L r |
| 1282 | CVE-2025-15228 | | 51.6th | 9.8 | | CVE-2025-15228 is a critical arbitrary file upload vulnerability in WELLTEND TECHNOLOGY's BPMFlowWeb |
| 1283 | CVE-2025-15226 | | 51.6th | 9.8 | | WMPro software from Sunnet contains an unauthenticated arbitrary file upload vulnerability that allo |
| 1284 | CVE-2025-30159 | | 51.4th | 9.1 | | This is a path traversal vulnerability in Kirby CMS that allows attackers to read and execute arbitr |
| 1285 | CVE-2025-22611 | | 51.3th | 9.9 | | This vulnerability in Coolify allows any authenticated user to escalate privileges to any role, incl |
| 1286 | CVE-2025-28229 | | 51.3th | 9.8 | | This vulnerability allows attackers to bypass authentication mechanisms in Orban OPTIMOD 5950 system |
| 1287 | CVE-2025-47784 | | 51.3th | 9.8 | | Emlog versions 2.5.13 and prior contain a deserialization vulnerability where a user can craft a mal |
| 1288 | CVE-2025-22916 | | 51.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on RE11S v1.11 devices via a st |
| 1289 | CVE-2025-22904 | | 51.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on RE11S v1.11 devices by explo |
| 1290 | CVE-2024-5594 | | 51.1th | 9.1 | | OpenVPN clients before version 2.6.11 are vulnerable to log injection attacks when connecting to mal |
| 1291 | CVE-2025-45779 | | 51.2th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC10 routers via a buf |
| 1292 | CVE-2025-45797 | | 51.1th | 9.8 | | This CVE describes a critical buffer overflow vulnerability in TOTOlink A950RG routers. Attackers ca |
| 1293 | CVE-2024-45479 | | 51th | 9.1 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the Edit Service Page of Ap |
| 1294 | CVE-2025-13595 | | 50.9th | 9.8 | | The CIBELES AI WordPress plugin has an unauthenticated arbitrary file upload vulnerability that allo |
| 1295 | CVE-2025-20051 | | 50.9th | 9.9 | | This vulnerability in Mattermost Boards allows authenticated users to read arbitrary files on the se |
| 1296 | CVE-2025-25196 | | 50.9th | 9.8 | | OpenFGA versions before 1.8.5 contain an authorization bypass vulnerability that allows unauthorized |
| 1297 | CVE-2025-26916 | | 50.9th | 9.0 | | This vulnerability allows unauthenticated attackers to include arbitrary local files in PHP applicat |
| 1298 | CVE-2025-27647 | | 50.8th | 9.8 | | This critical vulnerability in Vasion Print (formerly PrinterLogic) allows unauthenticated attackers |
| 1299 | CVE-2025-26873 | | 50.7th | 9.0 | | This vulnerability allows remote attackers to execute arbitrary code via PHP object injection in the |
| 1300 | CVE-2025-10690 | | 50.7th | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary ZIP files containing malicio |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it ideal for prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.