Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1251 | CVE-2025-27103 | | 43.1 | 6.5 | | This vulnerability allows authenticated users in DataEase to bypass a previous security patch and re |
| 1252 | CVE-2025-28872 | | 43.1 | 5.3 | | This CVE describes a missing authorization vulnerability in the WordPress plugin Block Spam By Math |
| 1253 | CVE-2023-52969 | | 43.2 | 4.9 | | This vulnerability in MariaDB Server can cause the database to crash under certain conditions, poten |
| 1254 | CVE-2024-42699 | | 43.1 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS 17.0 allows remote attackers |
| 1255 | CVE-2025-9581 | | 43.2 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on Comfast CF-N1 routers by |
| 1256 | CVE-2025-25737 | | 43.1 | 6.8 | | This vulnerability allows attackers to bypass authentication on Kapsch TrafficCom RIS-9160 and RIS-9 |
| 1257 | CVE-2025-25039 | | 43 | 4.7 | | This vulnerability in HPE Aruba ClearPass Policy Manager allows authenticated remote attackers to ex |
| 1258 | CVE-2025-2840 | | 43 | 5.3 | | The DAP to Autoresponders Email Syncing WordPress plugin exposes sensitive server information throug |
| 1259 | CVE-2025-3986 | | 43 | 4.3 | | This vulnerability in Apereo CAS 5.2.6 involves inefficient regular expression complexity in the Cas |
| 1260 | CVE-2025-3531 | | 43 | 4.3 | | This vulnerability allows attackers to inject malicious scripts into YouDianCMS admin interface thro |
| 1261 | CVE-2025-2881 | | 43 | 5.3 | | The Developer Toolbar WordPress plugin exposes sensitive server information through a publicly acces |
| 1262 | CVE-2025-52186 | | 43 | 6.5 | | This SSRF vulnerability in Lichess lila allows remote attackers to force the server to make HTTP req |
| 1263 | CVE-2025-24588 | | 42.9 | 6.5 | | This CVE describes a missing authorization vulnerability in the Patreon WordPress plugin that allows |
| 1264 | CVE-2025-23886 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Annie WordPress plugin allows attackers |
| 1265 | CVE-2025-23876 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WP krpano WordPress plugin allows attack |
| 1266 | CVE-2025-23873 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Category D3 Tree WordPress plugin allows |
| 1267 | CVE-2025-23868 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Chess Tempo Viewer WordPress plugin allo |
| 1268 | CVE-2025-23864 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WCS QR Code Generator WordPress plugin a |
| 1269 | CVE-2025-23833 | | 42.9 | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress Links/Problem Reporter plug |
| 1270 | CVE-2025-23816 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Metaphor Widgets WordPress plugin allows |
| 1271 | CVE-2025-23807 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Spiderpowa Embed PDF WordPress plugin al |
| 1272 | CVE-2025-23802 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in WP-Revive Adserver allows attackers to injec |
| 1273 | CVE-2025-23796 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Easy Portfolio WordPress plugin allows a |
| 1274 | CVE-2025-23794 | | 42.9 | 6.5 | | This stored XSS vulnerability in the wp_amaps WordPress plugin allows attackers to inject malicious |
| 1275 | CVE-2025-23777 | | 42.9 | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the GDPR Personal Data Reports WordPress plu |
| 1276 | CVE-2025-30203 | | 42.9 | 4.8 | | This CVE describes a cross-site scripting (XSS) vulnerability in Tuleap's RSS widget functionality. |
| 1277 | CVE-2025-29218 | | 42.9 | 6.5 | | Tenda W18E v2.0 router firmware version 16.01.0.11 contains a stack overflow vulnerability in the wi |
| 1278 | CVE-2025-30013 | | 42.8 | 6.7 | | SAP ERP BW Business Content contains function modules vulnerable to OS command injection, allowing a |
| 1279 | CVE-2024-58132 | | 42.9 | 4.0 | | A race condition vulnerability in chainmaker-go (ChainMaker) allows concurrent read/write operations |
| 1280 | CVE-2025-64714 | | 42.9 | 5.8 | | CVE-2025-64714 is a Local File Inclusion vulnerability in PrivateBin's template-switching feature th |
| 1281 | CVE-2025-30218 | | 42.5 | 5.9 | | This Next.js vulnerability allows the x-middleware-subrequest-id header to be unintentionally leaked |
| 1282 | CVE-2024-58135 | | 42.8 | 5.3 | | Mojolicious applications created with 'mojo generate app' from version 7.28 use weak HMAC session co |
| 1283 | CVE-2025-8802 | | 42.7 | 5.3 | | A denial-of-service vulnerability in Open5GS SMF component allows remote attackers to crash the serv |
| 1284 | CVE-2024-41177 | | 42.7 | 6.1 | | Apache Zeppelin versions before 0.12.0 have an incomplete blacklist that fails to properly sanitize |
| 1285 | CVE-2025-58133 | | 42.8 | 5.3 | | An authentication bypass vulnerability in Zoom Rooms Clients allows unauthenticated attackers to acc |
| 1286 | CVE-2025-52867 | | 42.7 | 6.5 | | An uncontrolled resource consumption vulnerability in Qsync Central allows authenticated remote atta |
| 1287 | CVE-2025-44012 | | 42.7 | 6.5 | | A resource exhaustion vulnerability in Qsync Central allows authenticated attackers to consume syste |
| 1288 | CVE-2025-44006 | | 42.7 | 6.5 | | This vulnerability in Qsync Central allows authenticated remote attackers to perform resource exhaus |
| 1289 | CVE-2025-33040 | | 42.7 | 6.5 | | This vulnerability in Qsync Central allows authenticated remote attackers to allocate resources with |
| 1290 | CVE-2025-33039 | | 42.7 | 6.5 | | This vulnerability in Qsync Central allows authenticated remote attackers to exhaust system resource |
| 1291 | CVE-2025-30732 | | 42.4 | 6.1 | | An unauthenticated attacker can exploit this vulnerability in Oracle Application Object Library via |
| 1292 | CVE-2025-3590 | | 42.5 | 6.3 | | CVE-2025-3590 is a critical remote deserialization vulnerability in Adianti Framework up to version |
| 1293 | CVE-2026-1413 | | 42.4 | 6.3 | | This CVE describes a command injection vulnerability in Sangfor Operation and Maintenance Security M |
| 1294 | CVE-2025-21347 | | 42.4 | 6.0 | | This vulnerability in Windows Deployment Services allows attackers to cause a denial of service by s |
| 1295 | CVE-2025-24198 | | 42.4 | 6.6 | | This vulnerability allows an attacker with physical access to a locked Apple device to use Siri to a |
| 1296 | CVE-2024-55965 | | 42.4 | 6.5 | | Appsmith versions before 1.51 have an incorrect access control vulnerability where users with 'App V |
| 1297 | CVE-2025-3797 | | 42.4 | 4.7 | | This critical SQL injection vulnerability in SeaCMS allows remote attackers to execute arbitrary SQL |
| 1298 | CVE-2025-3792 | | 42.4 | 4.7 | | This critical SQL injection vulnerability in SeaCMS allows remote attackers to execute arbitrary SQL |
| 1299 | CVE-2025-9579 | | 42.4 | 6.3 | | This CVE describes an OS command injection vulnerability in LB-LINK BL-X26 routers version 1.2.8. At |
| 1300 | CVE-2025-58587 | | 42.4 | 6.5 | | This vulnerability allows attackers to perform brute-force attacks against authentication systems by |

What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.