Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. The percentile column is FIRST's percentile, the share of every CVE FIRST scores that has an equal or lower EPSS score; it is relative to the whole scored population, not only to the CVEs tracked on this site. This page shows ranks 1451 to 1500.

Summary statistics:
CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Ranks 1451 to 1500. The page's Flags column carries no entry for any row shown and is omitted below; summaries are truncated as the page displays them.

Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary
1451 | CVE-2025-27428 | 0.39% | 59.3 | 7.7 | This directory traversal vulnerability in SAP Solution Manager allows authorized attackers to read f
1452 | CVE-2025-27829 | 0.39% | 59.3 | 7.3 | A vulnerability in Stormshield Network Security (SNS) firewalls allows attackers to disrupt multicas
1453 | CVE-2025-34322 | 0.39% | 59.3 | 7.2 | Nagios Log Server versions before 2026R1.0.1 contain an authenticated command injection vulnerabilit
1454 | CVE-2025-5527 | 0.39% | 59.2 | 8.8 | This critical vulnerability in Tenda RX3 routers allows remote attackers to execute arbitrary code v
1455 | CVE-2025-21611 | 0.38% | 59.2 | 8.8 | tgstation-server versions before 6.12.3 have an authorization bypass vulnerability where role permis
1456 | CVE-2024-6851 | 0.38% | 59.2 | 7.5 | This vulnerability allows arbitrary file deletion on systems running the aim tracking server. An att
1457 | CVE-2025-31175 | 0.38% | 59.1 | 8.4 | A deserialization mismatch vulnerability in the DSoftBus module allows attackers to manipulate seria
1458 | CVE-2025-4102 | 0.38% | 59.2 | 7.2 | The Beaver Builder Plugin (Starter Version) for WordPress has a vulnerability allowing authenticated
1459 | CVE-2025-6086 | 0.38% | 59.2 | 7.2 | The CSV Me WordPress plugin allows authenticated attackers with Administrator privileges to upload a
1460 | CVE-2025-3234 | 0.38% | 59.2 | 7.2 | The File Manager Pro – Filester WordPress plugin allows authenticated attackers with Administrator
1461 | CVE-2025-57403 | 0.38% | 59.2 | 7.5 | Cola Dnslog v1.3.2 has a directory traversal vulnerability in TXT record processing that allows atta
1462 | CVE-2025-21235 | 0.38% | 59.1 | 7.8 | This vulnerability in Windows PrintWorkflowUserSvc allows attackers to elevate privileges from a sta
1463 | CVE-2025-21234 | 0.38% | 59.1 | 7.8 | This vulnerability allows attackers to elevate privileges on Windows systems by exploiting the Print
1464 | CVE-2025-26413 | 0.38% | 59 | 7.5 | An improper input validation vulnerability in Apache Kvrocks allows attackers to crash the server by
1465 | CVE-2025-7910 | 0.38% | 59 | 8.8 | A critical stack-based buffer overflow vulnerability in D-Link DIR-513 routers allows remote attacke
1466 | CVE-2025-31717 | 0.38% | 59 | 7.5 | This vulnerability in modem firmware allows remote attackers to cause a system crash through imprope
1467 | CVE-2025-11287 | 0.38% | 59 | 7.3 | CVE-2025-11287 is an authentication bypass vulnerability in samanhappy MCPHub's SSE service that all
1468 | CVE-2025-24137 | 0.38% | 59 | 8.0 | This CVE describes a type confusion vulnerability in Apple operating systems that could allow a remo
1469 | CVE-2025-24061 | 0.38% | 59 | 7.8 | This vulnerability allows local attackers to bypass Windows Mark of the Web (MOTW) security protecti
1470 | CVE-2025-7645 | 0.38% | 58.9 | 8.1 | The Extensions For CF7 WordPress plugin has an arbitrary file deletion vulnerability that allows una
1471 | CVE-2025-1930 | 0.38% | 58.9 | 8.8 | A use-after-free vulnerability in Firefox and Thunderbird on Windows allows a compromised content pr
1472 | CVE-2025-30724 | 0.38% | 58.9 | 7.5 | An unauthenticated vulnerability in Oracle BI Publisher's XML Services allows remote attackers to ac
1473 | CVE-2025-4413 | 0.38% | 58.9 | 8.8 | The Pixabay Images WordPress plugin allows authenticated attackers with Author-level access or highe
1474 | CVE-2025-12903 | 0.38% | 58.9 | 7.5 | This vulnerability allows unauthenticated attackers to bypass authorization and retrieve payment met
1475 | CVE-2025-32034 | 0.38% | 58.8 | 7.5 | A denial-of-service vulnerability in Apollo Router Core allows attackers to craft GraphQL queries wi
1476 | CVE-2025-32032 | 0.38% | 58.8 | 7.5 | A denial-of-service vulnerability in Apollo Router allows attackers to craft GraphQL queries with de
1477 | CVE-2025-4354 | 0.38% | 58.8 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda DAP-1520 routers allows remote attacke
1478 | CVE-2025-49083 | 0.38% | 58.8 | 7.2 | CVE-2025-49083 is a deserialization vulnerability in Absolute Secure Access management console that
1479 | CVE-2025-63951 | 0.38% | 58.7 | 7.5 | This CVE describes an insecure deserialization vulnerability in the MiczFlor RPi-Jukebox-RFID projec
1480 | CVE-2025-63950 | 0.38% | 58.7 | 7.5 | An insecure deserialization vulnerability in Twittodon's download.php script allows remote, unauthen
1481 | CVE-2025-15502 | 0.38% | 58.6 | 7.3 | This CVE describes a remote command injection vulnerability in Sangfor Operation and Maintenance Man
1482 | CVE-2025-1039 | 0.38% | 58.6 | 7.2 | The Lenix Elementor Leads addon plugin for WordPress has a stored XSS vulnerability in URL form fiel
1483 | CVE-2024-54291 | 0.38% | 58.6 | 8.6 | This path traversal vulnerability in the PluginPass WordPress plugin allows attackers to manipulate
1484 | CVE-2024-11283 | 0.38% | 58.6 | 7.5 | The WP JobHunt plugin for WordPress has an authentication bypass vulnerability that allows unauthent
1485 | CVE-2025-24056 | 0.38% | 58.6 | 8.8 | A heap-based buffer overflow vulnerability in Windows Telephony Server allows remote attackers to ex
1486 | CVE-2025-32633 | 0.38% | 58.6 | 8.6 | This path traversal vulnerability in the neoslab Database Toolset WordPress plugin allows attackers
1487 | CVE-2025-32631 | 0.38% | 58.6 | 8.6 | This path traversal vulnerability in Oxygen MyData for WooCommerce allows attackers to delete arbitr
1488 | CVE-2025-1932 | 0.37% | 58.6 | 8.1 | A memory corruption vulnerability in Firefox and Thunderbird's XSLT processor could allow attackers
1489 | CVE-2025-4139 | 0.37% | 58.5 | 8.8 | A critical buffer overflow vulnerability in Netgear EX6120's fwAcosCgiInbound function allows remote
1490 | CVE-2025-5619 | 0.37% | 58.5 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda CH22 routers allows remote attackers t
1491 | CVE-2025-29523 | 0.37% | 58.5 | 7.2 | This CVE describes a command injection vulnerability in D-Link DSL-7740C routers that allows attacke
1492 | CVE-2024-9132 | 0.37% | 58.4 | 8.1 | This vulnerability allows administrators to configure insecure captive portal scripts in Arista EOS
1493 | CVE-2025-0999 | 0.37% | 58.5 | 8.8 | A heap buffer overflow vulnerability in Chrome's V8 JavaScript engine allows remote attackers to pot
1494 | CVE-2024-13567 | 0.37% | 58.4 | 7.5 | This vulnerability allows unauthenticated attackers to access sensitive files stored in the Awesome
1495 | CVE-2025-1403 | 0.37% | 58.4 | 8.6 | This vulnerability allows remote attackers to cause denial of service by sending maliciously crafted
1496 | CVE-2025-7806 | 0.37% | 58.4 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
1497 | CVE-2025-7805 | 0.37% | 58.4 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
1498 | CVE-2025-7794 | 0.37% | 58.4 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
1499 | CVE-2025-7792 | 0.37% | 58.4 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
1500 | CVE-2025-7549 | 0.37% | 58.4 | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda FH1201 routers allows remote attackers

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. CVSS measures severity, the impact if a vulnerability is exploited; EPSS measures the likelihood that it will be. The two are complementary, and EPSS is the better signal for deciding which vulnerabilities to patch first. FIRST republishes scores daily, so a CVE's score and percentile move as new exploitation evidence appears. The percentile reported beside each score is the share of all scored CVEs with an equal or lower EPSS score. Because the distribution is heavily skewed toward very low scores (the average above is 0.7%), a score of 0.38% is already enough to place a CVE near the 59th percentile, as the rows on this page show.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. EPSS is still a prediction: a listing in the CISA Known Exploited Vulnerabilities (KEV) catalog is confirmation that exploitation has happened and should take priority over a low EPSS score.
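To make that prioritization rule concrete, here is an added Python example; it is not code from this page or from FIRST.org. It assumes lookup results shaped like the JSON the FIRST EPSS API returns (cve, epss and percentile fields, with the numbers encoded as strings), and it runs offline on a constructed sample response whose three scores and CVSS values are copied from the table above. The KEV flag, the two EXAMPLE-* findings taken from the CVSS 9.8 versus CVSS 7.5 comparison, and the tier thresholds are assumptions made for the illustration.

```python
"""Prioritize findings by exploit likelihood (EPSS) instead of CVSS alone.

Added example, not code from this page or from FIRST.org. It assumes records
shaped like the FIRST EPSS API's JSON ("cve", "epss", "percentile" fields);
the sample response, the KEV flags and the tier thresholds are constructed.
"""
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    epss: float        # P(exploited in the wild within 30 days), 0..1
    percentile: float  # share of scored CVEs at or below this EPSS score, 0..1
    in_kev: bool = False


# Constructed sample shaped like an EPSS API response; the three scores are
# copied from rows on this page, at the precision the page displays.
SAMPLE_EPSS_JSON = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-27428", "epss": "0.00390", "percentile": "0.59300"},
        {"cve": "CVE-2025-5527", "epss": "0.00390", "percentile": "0.59200"},
        {"cve": "CVE-2025-0999", "epss": "0.00370", "percentile": "0.58500"},
    ],
})

# CVSS base scores for the same three rows, as listed on this page.
CVSS_ON_PAGE = {"CVE-2025-27428": 7.7, "CVE-2025-5527": 8.8, "CVE-2025-0999": 8.8}


def parse_epss_response(text: str) -> dict[str, tuple[float, float]]:
    """Map CVE id -> (epss, percentile). The API encodes both as strings."""
    body = json.loads(text)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS lookup failed: {body.get('status')!r}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in body["data"]}


def percentile_of(score: float, population: list[float]) -> float:
    """Share of the population scoring at or below `score`.

    EPSS scores are heavily skewed toward zero (the page reports a 0.7% mean),
    which is why a 0.39% score already lands near the 59th percentile.
    """
    if not population:
        raise ValueError("empty population")
    return sum(1 for s in population if s <= score) / len(population)


def tier(f: Finding) -> str:
    """Assumed tiering rule (illustrative, not a standard): confirmed or likely
    exploitation first, then EPSS combined with CVSS, never CVSS alone."""
    if f.in_kev or f.epss > 0.5:   # KEV listing, or the page's "EPSS > 50%" bucket
        return "P1-immediate"
    if f.epss >= 0.1:
        return "P2-this-week"
    if f.cvss >= 7.0 and f.epss >= 0.01:
        return "P3-scheduled"
    return "P4-backlog"


def rank(findings: list[Finding]) -> list[Finding]:
    """KEV first, then EPSS descending, CVSS only as a tie-breaker."""
    return sorted(findings, key=lambda f: (f.in_kev, f.epss, f.cvss), reverse=True)


def build_findings() -> list[Finding]:
    epss = parse_epss_response(SAMPLE_EPSS_JSON)
    found = [Finding(cve, CVSS_ON_PAGE[cve], *epss[cve]) for cve in CVSS_ON_PAGE]
    # Hypothetical pair from the "Why EPSS matters" paragraph; not real CVEs,
    # and their percentiles are invented for the illustration.
    found.append(Finding("EXAMPLE-CVSS-9.8-EPSS-0.1pct", 9.8, 0.001, 0.20))
    found.append(Finding("EXAMPLE-CVSS-7.5-EPSS-90pct", 7.5, 0.90, 0.99))
    return found


if __name__ == "__main__":
    for f in rank(build_findings()):
        print(f"{tier(f):13} {f.cve:30} CVSS={f.cvss:<4} "
              f"EPSS={f.epss:.2%} percentile={f.percentile:.1%}")
```

Run as written, the CVSS 9.8 / EPSS 0.1% finding sorts last and lands in the backlog tier while the CVSS 7.5 / EPSS 90% finding sorts first as P1, and the three rows copied from this page fall into the backlog under these thresholds. A finding with in_kev set outranks everything regardless of its EPSS score, which is the KEV caveat above expressed as code. To use it on real scan output, replace the constructed sample with the response from https://api.first.org/data/v1/epss?cve=... and feed in your scanner's CVSS values.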

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
