Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- CVEs with EPSS > 50%: 164
- CVEs listed in CISA KEV: 156
- CVEs with an EPSS score: 35,468
- Average EPSS score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 1451 | CVE-2026-0581 | 0.97% | 76.2 | 6.3 | - | This CVE describes a command injection vulnerability in Tenda AC1206 routers that allows remote atta |
| 1452 | CVE-2024-58308 | 0.97% | 76.2 | 9.8 | - | CVE-2024-58308 is a critical SQL injection vulnerability in Quick.CMS 6.7 that allows unauthenticate |
| 1453 | CVE-2025-20115 | 0.97% | 76.2 | 8.6 | - | A memory corruption vulnerability in Cisco IOS XR's BGP confederation implementation allows unauthen |
| 1454 | CVE-2025-24985 | 0.97% | 76.2 | 7.8 | KEV | An integer overflow vulnerability in the Windows Fast FAT driver allows local attackers to execute a |
| 1455 | CVE-2026-25892 | 0.97% | 76.2 | 7.5 | - | Adminer v5.4.1 and earlier has a version check endpoint that lacks origin validation, allowing attac |
| 1456 | CVE-2025-22204 | 0.97% | 76.2 | 9.8 | - | This vulnerability allows remote attackers to execute arbitrary code on Joomla websites using the So |
| 1457 | CVE-2025-65294 | 0.97% | 76.2 | 9.8 | - | Aqara Hub devices contain an undocumented remote access mechanism that allows attackers to execute a |
| 1458 | CVE-2025-30727 | 0.96% | 76.1 | 9.8 | - | This critical vulnerability in Oracle E-Business Suite's iSurvey Module allows unauthenticated attac |
| 1459 | CVE-2025-43565 | 0.96% | 76.1 | 8.4 | - | This CVE describes an incorrect authorization vulnerability in Adobe ColdFusion that allows high-pri |
| 1460 | CVE-2025-30457 | 0.96% | 76.1 | 9.8 | - | This macOS vulnerability allows malicious applications to create symbolic links to protected disk re |
| 1461 | CVE-2025-63218 | 0.96% | 76.1 | 9.8 | - | This vulnerability allows unauthenticated remote attackers to completely compromise Axel Technology |
| 1462 | CVE-2025-26856 | 0.96% | 76 | 7.2 | - | This CVE describes an OS command injection vulnerability in UD-LT2 firmware that allows authenticate |
| 1463 | CVE-2024-13882 | 0.96% | 76 | 8.8 | - | The Aiomatic WordPress plugin allows authenticated attackers with Contributor-level access or higher |
| 1464 | CVE-2025-2932 | 0.96% | 76 | 8.8 | - | The JKDEVKIT WordPress plugin allows authenticated attackers with Subscriber-level access (or Contri |
| 1465 | CVE-2025-5014 | 0.96% | 76 | 8.8 | - | This vulnerability allows authenticated attackers with Subscriber-level access or higher to delete a |
| 1466 | CVE-2025-58163 | 0.96% | 76 | 8.8 | - | CVE-2025-58163 is a remote code execution vulnerability in FreeScout help desk software where authen |
| 1467 | CVE-2025-25388 | 0.95% | 76 | 9.8 | - | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu |
| 1468 | CVE-2025-25914 | 0.95% | 76 | 9.8 | - | A SQL injection vulnerability in Online Exam Mastering System v1.0 allows remote attackers to execut |
| 1469 | CVE-2024-13889 | 0.95% | 76 | 7.2 | - | The WordPress Importer plugin is vulnerable to PHP object injection via deserialization of untrusted |
| 1470 | CVE-2025-27423 | 0.95% | 76 | 7.1 | - | This vulnerability in Vim's tar.vim plugin allows arbitrary shell command execution when opening spe |
| 1471 | CVE-2023-42229 | 0.95% | 76 | 6.5 | - | Pat Infinite Solutions HelpdeskAdvanced versions up to 11.0.33 contain a directory traversal vulnera |
| 1472 | CVE-2025-21622 | 0.95% | 75.9 | 7.5 | - | This CVE describes a path traversal vulnerability in ClipBucket V5's avatar upload feature. Attacker |
| 1473 | CVE-2024-12221 | 0.95% | 75.9 | 6.1 | - | The Turnkey bbPress by WeaverTheme WordPress plugin contains a reflected cross-site scripting (XSS) |
| 1474 | CVE-2025-55177 | 0.95% | 75.9 | 5.4 | KEV | This WhatsApp vulnerability allows unauthorized users to trigger processing of arbitrary URLs on a t |
| 1475 | CVE-2023-53872 | 0.95% | 75.9 | N/A | - | CVE-2023-53872 is an OS command injection vulnerability in Wp2Fac 1.0 that allows remote attackers t |
| 1476 | CVE-2024-39750 | 0.94% | 75.9 | 8.8 | - | IBM Analytics Content Hub 2.0 contains a buffer overflow vulnerability (CWE-120) that allows authent |
| 1477 | CVE-2024-11681 | 0.94% | 75.9 | 6.8 | - | This vulnerability allows a malicious or compromised MacPorts mirror to execute arbitrary commands w |
| 1478 | CVE-2024-12738 | 0.94% | 75.9 | 6.1 | - | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress user |
| 1479 | CVE-2025-58045 | 0.94% | 75.9 | 9.8 | - | This vulnerability in Dataease allows attackers to exploit the DB2 JDBC connection string to trigger |
| 1480 | CVE-2025-32871 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1481 | CVE-2025-32867 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1482 | CVE-2025-32865 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1483 | CVE-2025-32863 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 1484 | CVE-2025-32861 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1485 | CVE-2025-32859 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 1486 | CVE-2025-32857 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1487 | CVE-2025-32855 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1488 | CVE-2025-32853 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1489 | CVE-2025-32851 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1490 | CVE-2025-32849 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1491 | CVE-2025-32847 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1492 | CVE-2025-32845 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1493 | CVE-2025-32843 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 1494 | CVE-2025-32841 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1495 | CVE-2025-32839 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1496 | CVE-2025-32837 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |
| 1497 | CVE-2025-32835 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1498 | CVE-2025-32833 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers t |
| 1499 | CVE-2025-32831 | 0.94% | 75.9 | 8.8 | - | This SQL injection vulnerability in TeleControl Server Basic allows authenticated attackers to bypas |
| 1500 | CVE-2025-32829 | 0.94% | 75.9 | 8.8 | - | An SQL injection vulnerability in TeleControl Server Basic allows authenticated remote attackers to |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
