Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

- EPSS > 50%: 164
- CISA KEV Listed: 156
- CVEs with EPSS: 35,468
- Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 1301 | CVE-2025-68398 | 0.28% | 50.7th | 9.1 | | This vulnerability in Weblate allows remote attackers to overwrite Git configuration settings, poten |
| 1302 | CVE-2024-55160 | 0.28% | 50.7th | 9.8 | | GFast versions 2 through 3.2 contain a SQL injection vulnerability in the OrderBy parameter at the / |
| 1303 | CVE-2022-50696 | 0.28% | 50.6th | 9.8 | | SOUND4 IMPACT/FIRST/PULSE/Eco devices versions 2.x and below contain hardcoded credentials in server |
| 1304 | CVE-2025-0680 | 0.28% | 50.6th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary commands on devices connected to the |
| 1305 | CVE-2025-30372 | 0.27% | 50.4th | 9.8 | | Emlog Pro versions 2.5.7 and 2.5.8 contain an SQL injection vulnerability in search_controller.php d |
| 1306 | CVE-2025-25686 | 0.27% | 50.4th | 9.8 | | This vulnerability allows attackers to execute arbitrary SQL commands through SEMCMS_Fuction.php in |
| 1307 | CVE-2024-40073 | 0.27% | 50.4th | 9.8 | | This SQL injection vulnerability in Sourcecodester Online ID Generator System 1.0 allows attackers t |
| 1308 | CVE-2025-29369 | 0.27% | 50.4th | 9.8 | | CVE-2025-29369 is a critical SQL injection vulnerability in Code-Projects Matrimonial Site V1.0 that |
| 1309 | CVE-2025-10156 | 0.27% | 50.4th | 9.8 | | This vulnerability allows attackers to bypass security scans in mmaitre314 picklescan by crafting ZI |
| 1310 | CVE-2024-39754 | 0.27% | 50.3th | 10.0 | | A critical static login vulnerability in Wavlink AC3000 routers allows unauthenticated remote attack |
| 1311 | CVE-2024-56323 | 0.27% | 50.2th | 9.8 | | OpenFGA versions 1.3.8 to 1.8.2 contain an authorization bypass vulnerability when using conditions |
| 1312 | CVE-2025-30367 | 0.27% | 50.2th | 9.8 | | A SQL injection vulnerability in WeGIA web management software allows attackers to manipulate databa |
| 1313 | CVE-2025-36038 | 0.27% | 50.2th | 9.0 | | CVE-2025-36038 is a critical deserialization vulnerability in IBM WebSphere Application Server that |
| 1314 | CVE-2025-34212 | 0.27% | 50.2th | 9.8 | | This CVE describes a supply chain vulnerability in Vasion Print (formerly PrinterLogic) build pipeli |
| 1315 | CVE-2025-43342 | 0.27% | 50.3th | 9.8 | | This vulnerability in Apple's Safari browser and related operating systems allows processing malicio |
| 1316 | CVE-2025-44658 | 0.27% | 50.2th | 9.8 | | This vulnerability allows attackers to upload malicious scripts with non-.php extensions that the Ne |
| 1317 | CVE-2025-10850 | 0.27% | 50.1th | 9.8 | | The Felan Framework WordPress plugin contains hardcoded passwords in social login functions, allowin |
| 1318 | CVE-2025-12868 | 0.27% | 50.1th | 9.8 | | CVE-2025-12868 is a client-side authentication vulnerability in CyberTutor's New Site Server that al |
| 1319 | CVE-2025-11007 | 0.27% | 50.1th | 9.8 | | The CE21 Suite WordPress plugin versions 2.2.1 to 2.3.1 contain an authentication bypass vulnerabili |
| 1320 | CVE-2025-0838 | 0.27% | 50th | 9.8 | | This CVE describes a heap buffer overflow vulnerability in Abseil-cpp's hash containers where oversi |
| 1321 | CVE-2025-28916 | 0.27% | 50.1th | 9.8 | | This CVE describes a PHP Local File Inclusion vulnerability in the Docpro WordPress plugin that allo |
| 1322 | CVE-2025-3128 | 0.27% | 50th | 9.8 | | CVE-2025-3128 is a critical OS command injection vulnerability in Mitsubishi Electric smartRTU devic |
| 1323 | CVE-2021-47774 | 0.27% | 50th | 9.8 | | Kingdia CD Extractor 3.0.2 contains a critical buffer overflow vulnerability in its registration nam |
| 1324 | CVE-2025-3699 | 0.27% | 50th | 9.8 | | CVE-2025-3699 is a critical authentication bypass vulnerability affecting multiple Mitsubishi Electr |
| 1325 | CVE-2025-41240 | 0.27% | 49.9th | 10.0 | | This critical vulnerability allows unauthenticated remote attackers to access Kubernetes secrets via |
| 1326 | CVE-2025-40836 | 0.27% | 49.9th | 9.8 | | Ericsson Indoor Connect 8855 has an improper input validation vulnerability that allows attackers to |
| 1327 | CVE-2025-65346 | 0.27% | 49.9th | 9.1 | | CVE-2025-65346 is a directory traversal vulnerability in alexusmai/laravel-file-manager that allows |
| 1328 | CVE-2025-66222 | 0.27% | 50th | 9.6 | | DeepChat versions 0.5.0 and earlier contain a stored XSS vulnerability in the Mermaid diagram render |
| 1329 | CVE-2025-44083 | 0.27% | 49.8th | 9.8 | | This vulnerability allows remote attackers to bypass administrator login authentication on D-Link DI |
| 1330 | CVE-2025-34216 | 0.27% | 49.9th | 9.8 | | Vasion Print (formerly PrinterLogic) Virtual Appliance exposes unauthenticated REST API endpoints th |
| 1331 | CVE-2020-37186 | 0.27% | 49.8th | 9.8 | | CVE-2020-37186 is a critical remote code execution vulnerability in Chevereto image hosting software |
| 1332 | CVE-2023-54330 | 0.27% | 49.8th | 9.8 | | This CVE describes a critical remote stack-based buffer overflow vulnerability in Inbit Messenger ve |
| 1333 | CVE-2025-29266 | 0.27% | 49.7th | 9.6 | | This vulnerability allows remote attackers to gain root access to Unraid's web interface and console |
| 1334 | CVE-2025-57795 | 0.27% | 49.7th | 9.9 | | Explorance Blue versions before 8.14.13 contain an authenticated remote file download vulnerability |
| 1335 | CVE-2025-22777 | 0.27% | 49.6th | 9.8 | | CVE-2025-22777 is a critical PHP object injection vulnerability in the GiveWP WordPress plugin that |
| 1336 | CVE-2025-27494 | 0.27% | 49.7th | 9.1 | | This vulnerability allows authenticated remote administrators on SiPass integrated access control sy |
| 1337 | CVE-2025-27677 | 0.27% | 49.6th | 9.8 | | This vulnerability in Vasion Print (formerly PrinterLogic) allows unprivileged users to create symbo |
| 1338 | CVE-2025-27674 | 0.27% | 49.6th | 9.8 | | CVE-2025-27674 is a critical vulnerability in Vasion Print (formerly PrinterLogic) that involves a h |
| 1339 | CVE-2025-27655 | 0.27% | 49.6th | 9.8 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Vasion Print (formerly Prin |
| 1340 | CVE-2025-27651 | 0.27% | 49.6th | 9.8 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Vasion Print (formerly Prin |
| 1341 | CVE-2025-27649 | 0.27% | 49.6th | 9.8 | | This vulnerability allows attackers to bypass access controls in Vasion Print (formerly PrinterLogic |
| 1342 | CVE-2025-27645 | 0.27% | 49.6th | 9.8 | | This vulnerability in Vasion Print (formerly PrinterLogic) allows attackers to install malicious ext |
| 1343 | CVE-2025-27642 | 0.27% | 49.7th | 9.8 | | This vulnerability allows unauthenticated attackers to edit driver packages in Vasion Print (formerl |
| 1344 | CVE-2025-27638 | 0.27% | 49.6th | 9.8 | | CVE-2025-27638 is a hardcoded password vulnerability in Vasion Print (formerly PrinterLogic) that al |
| 1345 | CVE-2025-10412 | 0.26% | 49.6th | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress servers r |
| 1346 | CVE-2024-53923 | 0.26% | 49.3th | 9.1 | | This vulnerability allows authenticated users with high privileges in Centreon Web to perform SQL in |
| 1347 | CVE-2026-1021 | 0.26% | 49.2th | 9.8 | | The Police Statistics Database System developed by Gotac contains an arbitrary file upload vulnerabi |
| 1348 | CVE-2026-24841 | 0.26% | 49.2th | 9.9 | | CVE-2026-24841 is a critical command injection vulnerability in Dokploy, a self-hosted PaaS, allowin |
| 1349 | CVE-2024-56290 | 0.26% | 49.1th | 9.3 | | This SQL injection vulnerability in the WordPress plugin 'Multiple Shipping And Billing Address For |
| 1350 | CVE-2025-22144 | 0.26% | 49.1th | 9.8 | | This vulnerability in NamelessMC allows attackers with admincp.core.emails or admincp.users.edit per |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
