Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CISA KEV listed
35,468 CVEs with EPSS
0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1401 | CVE-2025-1310 | 1.01% | 76.8th | 6.5 | | The Jobs for WordPress plugin contains a directory traversal vulnerability that allows authenticated |
| 1402 | CVE-2025-47855 | 1.01% | 76.7th | 9.8 | | An unauthenticated attacker can obtain device configuration files from vulnerable FortiFone systems |
| 1403 | CVE-2025-7524 | 1.01% | 76.7th | 6.3 | | This critical vulnerability in TOTOLINK T6 routers allows remote attackers to execute arbitrary comm |
| 1404 | CVE-2025-30012 | 1.01% | 76.7th | 10.0 | | This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands a |
| 1405 | CVE-2025-2855 | 1.01% | 76.7th | 4.7 | | A deserialization vulnerability in elunez eladmin's file upload function allows remote attackers to |
| 1406 | CVE-2025-26639 | 1.01% | 76.7th | 7.8 | | An integer overflow vulnerability in the Windows USB Print Driver allows authenticated attackers to |
| 1407 | CVE-2025-61304 | 1.01% | 76.7th | 9.8 | | This CVE describes an OS command injection vulnerability in Dynatrace ActiveGate's ping extension. A |
| 1408 | CVE-2025-41244 | 1.01% | 76.7th | 7.8 | KEV | This CVE describes a local privilege escalation vulnerability in VMware Aria Operations and VMware T |
| 1409 | CVE-2025-31672 | 1.01% | 76.6th | 5.3 | | This vulnerability allows attackers to create malicious OOXML files (like Excel, Word, or PowerPoint |
| 1410 | CVE-2025-1009 | 1% | 76.6th | 9.8 | | A use-after-free vulnerability in Firefox and Thunderbird allows attackers to cause potentially expl |
| 1411 | CVE-2025-7097 | 1% | 76.6th | 8.1 | | This critical vulnerability in Comodo Internet Security Premium allows remote attackers to execute a |
| 1412 | CVE-2025-1282 | 1% | 76.6th | 8.8 | | This vulnerability in the Car Dealer Automotive WordPress theme allows authenticated attackers with |
| 1413 | CVE-2025-21628 | 1% | 76.6th | 9.1 | | This SQL injection vulnerability in Chatwoot allows authenticated users to execute arbitrary SQL que |
| 1414 | CVE-2025-32973 | 1% | 76.6th | 9.0 | | This vulnerability in XWiki allows attackers to gain programming rights through a privilege escalati |
| 1415 | CVE-2025-24074 | 1% | 76.6th | 7.8 | | This vulnerability allows an authorized attacker with local access to a Windows system to elevate pr |
| 1416 | CVE-2025-24062 | 1% | 76.6th | 7.8 | | CVE-2025-24062 is a local privilege escalation vulnerability in Windows Desktop Window Manager (DWM) |
| 1417 | CVE-2025-24058 | 1% | 76.6th | 7.8 | | This vulnerability allows an authorized attacker with existing access to a Windows system to exploit |
| 1418 | CVE-2025-21325 | 1% | 76.6th | 7.8 | | This vulnerability allows an authenticated attacker to execute arbitrary code with kernel privileges |
| 1419 | CVE-2025-24888 | 1% | 76.5th | 8.1 | | This vulnerability allows a compromised SecureDrop Server to execute arbitrary code on the SecureDro |
| 1420 | CVE-2023-6786 | 0.99% | 76.5th | 6.1 | | The Payment Gateway for Telcell WordPress plugin through version 2.0.1 contains an open redirect vul |
| 1421 | CVE-2025-29522 | 0.99% | 76.5th | 6.5 | | This CVE describes a command injection vulnerability in D-Link DSL-7740C routers that allows authent |
| 1422 | CVE-2024-57669 | 0.99% | 76.5th | 7.5 | | A directory traversal vulnerability in Zrlog backup-sql-file.jar v3.0.31 allows remote attackers to |
| 1423 | CVE-2024-12749 | 0.99% | 76.5th | 7.1 | | This vulnerability in the Competition Form WordPress plugin allows attackers to inject malicious scr |
| 1424 | CVE-2025-30471 | 0.99% | 76.5th | 7.5 | | A validation logic vulnerability in multiple Apple operating systems allows remote attackers to caus |
| 1425 | CVE-2024-12638 | 0.99% | 76.5th | 7.1 | | This vulnerability in the Bulk Me Now! WordPress plugin allows attackers to inject malicious scripts |
| 1426 | CVE-2025-48732 | 0.99% | 76.5th | 7.3 | | An incomplete blacklist in WWBN AVideo's .htaccess sample allows attackers to execute arbitrary code |
| 1427 | CVE-2024-14003 | 0.99% | 76.5th | 9.8 | | Nagios XI versions before 2024R1.2 contain a critical remote code execution vulnerability in the NRD |
| 1428 | CVE-2024-11369 | 0.99% | 76.4th | 6.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) |
| 1429 | CVE-2025-20124 | 0.99% | 76.4th | 9.9 | | This vulnerability allows authenticated attackers with read-only admin credentials to execute arbitr |
| 1430 | CVE-2025-6389 | 0.99% | 76.4th | 9.8 | | The Sneeit Framework WordPress plugin has a critical Remote Code Execution vulnerability that allows |
| 1431 | CVE-2025-25745 | 0.98% | 76.4th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-853 A1 routers by |
| 1432 | CVE-2025-20363 | 0.98% | 76.4th | 9.0 | | This critical vulnerability allows remote attackers to execute arbitrary code with root privileges o |
| 1433 | CVE-2025-3434 | 0.98% | 76.4th | 7.2 | | The SMTP for Amazon SES – YaySMTP WordPress plugin has a stored cross-site scripting vulnerability |
| 1434 | CVE-2025-14500 | 0.98% | 76.4th | 9.8 | | This vulnerability allows unauthenticated remote attackers to execute arbitrary operating system com |
| 1435 | CVE-2024-13831 | 0.98% | 76.3th | 7.2 | | The Tabs for WooCommerce WordPress plugin is vulnerable to PHP object injection through deserializat |
| 1436 | CVE-2024-9664 | 0.98% | 76.3th | 7.2 | | The WP All Import Pro plugin for WordPress is vulnerable to PHP object injection through deserializa |
| 1437 | CVE-2025-1785 | 0.98% | 76.3th | 5.4 | | The Download Manager plugin for WordPress has a directory traversal vulnerability that allows authen |
| 1438 | CVE-2024-13833 | 0.98% | 76.3th | 7.2 | | This vulnerability in the Album Gallery WordPress plugin allows authenticated attackers with Editor- |
| 1439 | CVE-2025-61811 | 0.98% | 76.3th | 9.1 | | This CVE describes an Improper Access Control vulnerability in Adobe ColdFusion that allows high-pri |
| 1440 | CVE-2024-32641 | 0.98% | 76.4th | 9.8 | | CVE-2024-32641 is a critical remote code execution vulnerability in Masa CMS that allows unauthentic |
| 1441 | CVE-2024-8019 | 0.98% | 76.3th | 9.1 | | This vulnerability in PyTorch Lightning's LightningApp allows attackers to write arbitrary files via |
| 1442 | CVE-2025-28399 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in Erick xmall v1.1 and earlier allows remote attackers to gain |
| 1443 | CVE-2025-28412 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in RUoYi v.4.8.0 allows remote attackers to gain elevated privi |
| 1444 | CVE-2025-28410 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in RUoYi v.4.8.0 allows remote attackers to gain administrative |
| 1445 | CVE-2025-28408 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in RUoYi v.4.8.0 allows remote attackers to gain elevated privi |
| 1446 | CVE-2025-28405 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in RUoYi v.4.8.0 allows remote attackers to gain elevated privi |
| 1447 | CVE-2025-28402 | 0.98% | 76.3th | 9.8 | | A privilege escalation vulnerability in RUoYi v.4.8.0 allows remote attackers to gain elevated privi |
| 1448 | CVE-2024-57212 | 0.97% | 76.3th | 5.1 | | This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows attacker |
| 1449 | CVE-2024-13790 | 0.97% | 76.3th | 9.8 | | This vulnerability allows unauthenticated attackers to perform Local File Inclusion (LFI) in the Min |
| 1450 | CVE-2024-13727 | 0.97% | 76.3th | 6.1 | | This vulnerability in the MemberSpace WordPress plugin allows attackers to inject malicious scripts |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
