Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
1351 | CVE-2024-13110 | 0.2% | 41.7th | 4.3 | | This vulnerability in Beijing Yunfan Internet Technology's Yunfan Learning Examination System 1.9.2
1352 | CVE-2025-3038 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Payroll Management System 1.0 allows remote attackers t
1353 | CVE-2025-2984 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Payroll Management System 1.0 allows attackers to manip
1354 | CVE-2025-2854 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability exists in code-projects Payroll Management System 1.0 through
1355 | CVE-2024-40590 | 0.2% | 41.6th | 4.8 | | This vulnerability allows man-in-the-middle attackers to intercept and tamper with encrypted communi
1356 | CVE-2025-3685 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability exists in code-projects Patient Record Management System 1.0.
1357 | CVE-2025-3348 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in code-projects Patient Record Management System 1.0 allows
1358 | CVE-2025-3347 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in code-projects Patient Record Management System 1.0 allows
1359 | CVE-2025-3235 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in PHPGurukul Old Age Home Management System 1.0 allows re
1360 | CVE-2025-3209 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in Patient Record Management System 1.0 allows remote atta
1361 | CVE-2025-3205 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in CodeAstro Student Grading System 1.0 allows remote attacke
1362 | CVE-2025-3141 | 0.2% | 41.7th | 6.3 | | This critical SQL injection vulnerability in SourceCodester Online Medicine Ordering System 1.0 allo
1363 | CVE-2025-3134 | 0.2% | 41.7th | 6.3 | | A critical SQL injection vulnerability in code-projects Payroll Management System 1.0 allows remote
1364 | CVE-2025-3119 | 0.2% | 41.7th | 6.3 | | This is a critical SQL injection vulnerability in SourceCodester Online Tutor Portal 1.0 that allows
1365 | CVE-2025-3118 | 0.2% | 41.7th | 6.3 | | CVE-2025-3118 is a critical SQL injection vulnerability in SourceCodester Online Tutor Portal 1.0 th
1366 | CVE-2025-29157 | 0.2% | 41.6th | 6.5 | | This vulnerability in petstore v1.0.7 allows remote attackers to execute arbitrary code by accessing
1367 | CVE-2025-62416 | 0.2% | 41.5th | 5.1 | | Bagisto v2.3.7 has a Server-Side Template Injection vulnerability in product description rendering t
1368 | CVE-2025-9512 | 0.2% | 41.5th | 6.1 | | This vulnerability in the Schema & Structured Data for WP & AMP WordPress plugin allows unauthentica
1369 | CVE-2025-67189 | 0.2% | 41.7th | 6.5 | | A buffer overflow vulnerability in TOTOLINK A950RG routers allows remote attackers to cause denial o
1370 | CVE-2025-21323 | 0.2% | 41.5th | 5.5 | | This Windows kernel vulnerability allows attackers to read sensitive memory information from the ker
1371 | CVE-2025-21320 | 0.2% | 41.5th | 5.5 | | This Windows kernel vulnerability allows attackers to read sensitive kernel memory information, pote
1372 | CVE-2025-21318 | 0.2% | 41.5th | 5.5 | | This Windows kernel vulnerability allows attackers to read sensitive memory information from the ker
1373 | CVE-2024-13749 | 0.2% | 41.4th | 6.1 | | The StaffList WordPress plugin up to version 3.2.3 has a CSRF vulnerability that allows unauthentica
1374 | CVE-2025-2252 | 0.2% | 41.4th | 5.3 | | The Easy Digital Downloads WordPress plugin exposes private download post titles to unauthenticated
1375 | CVE-2025-10745 | 0.2% | 41.5th | 5.3 | | This vulnerability allows unauthenticated attackers to bypass the Banhammer WordPress plugin's traff
1376 | CVE-2024-35280 | 0.2% | 41.5th | 5.4 | | This vulnerability allows attackers to perform reflected cross-site scripting (XSS) attacks against
1377 | CVE-2025-24143 | 0.2% | 41.3th | 6.5 | | This vulnerability allows malicious webpages to bypass file system access restrictions and fingerpri
1378 | CVE-2025-21543 | 0.2% | 41.3th | 4.9 | | This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to ca
1379 | CVE-2025-21505 | 0.2% | 41.3th | 4.9 | | This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to ca
1380 | CVE-2025-21503 | 0.2% | 41.3th | 4.9 | | This vulnerability in MySQL Server's InnoDB component allows high-privileged attackers with network
1381 | CVE-2025-21492 | 0.2% | 41.3th | 4.9 | | This vulnerability in MySQL Server's Optimizer component allows high-privileged attackers with netwo
1382 | CVE-2025-24013 | 0.2% | 41.4th | 5.3 | | CodeIgniter versions before 4.5.8 lack proper validation for HTTP header names and values, allowing
1383 | CVE-2025-23193 | 0.2% | 41.3th | 5.3 | | CVE-2025-23193 is an information disclosure vulnerability in SAP NetWeaver Server ABAP that allows u
1384 | CVE-2025-53716 | 0.2% | 41.3th | 6.5 | | A null pointer dereference vulnerability in Windows LSASS allows authenticated attackers to cause a
1385 | CVE-2025-23028 | 0.19% | 41.2th | 5.3 | | A denial of service vulnerability in Cilium allows attackers to crash Cilium agents by sending craft
1386 | CVE-2025-2952 | 0.19% | 41.3th | 6.3 | | CVE-2025-2952 is a critical unrestricted file upload vulnerability in Bluestar Micro Mall 1.0 that a
1387 | CVE-2025-24949 | 0.19% | 41.2th | 6.5 | | CVE-2025-24949 is an authentication bypass vulnerability in JotUrl 2.0 that allows attackers to chan
1388 | CVE-2025-4453 | 0.19% | 41.3th | 6.3 | | This CVE describes a critical command injection vulnerability in D-Link DIR-619L routers. Attackers
1389 | CVE-2025-4445 | 0.19% | 41.3th | 6.3 | | This critical vulnerability in D-Link DIR-605L routers allows remote attackers to execute arbitrary
1390 | CVE-2025-46565 | 0.19% | 41.3th | 5.3 | | This vulnerability in Vite allows attackers to bypass file access restrictions and read sensitive fi
1391 | CVE-2025-65287 | 0.19% | 41.3th | 4.3 | | An unauthenticated directory traversal vulnerability in SNMP Web Pro 1.1 allows remote attackers to
1392 | CVE-2026-2063 | 0.19% | 41.3th | 4.7 | | This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers. Attackers can e
1393 | CVE-2025-34171 | 0.19% | 41.2th | 5.3 | | CasaOS versions up to 0.4.15 expose unauthenticated endpoints that allow remote attackers to retriev
1394 | CVE-2024-45653 | 0.19% | 41.2th | 4.3 | | IBM Sterling Connect:Direct Web Services versions 6.0-6.3 expose sensitive IP address information to
1395 | CVE-2024-13210 | 0.19% | 41.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the donglight bookstore e-co
1396 | CVE-2024-13201 | 0.19% | 41.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files without restrictions in the Spr
1397 | CVE-2025-21188 | 0.19% | 41.1th | 6.0 | | This vulnerability in Azure Network Watcher VM Extension allows authenticated users with VM-level ac
1398 | CVE-2025-2475 | 0.19% | 41.1th | 5.4 | | Mattermost fails to invalidate user cache when converting accounts to bots, allowing attackers to lo
1399 | CVE-2025-11692 | 0.19% | 41.1th | 5.3 | | The Zip Attachments plugin for WordPress has an authorization vulnerability that allows unauthentica
1400 | CVE-2025-10720 | 0.19% | 41.1th | 6.5 | | This vulnerability allows unauthenticated attackers to bypass password protection on private content

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A CVSS 9.8 critical vulnerability with a 0.1% EPSS score may be less urgent than a CVSS 7.5 high vulnerability with a 90% EPSS score.
