Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1501 | CVE-2025-7544 | | 58.4th | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC1206 routers allows remote attackers |
| 1502 | CVE-2025-9483 | | 58.4th | 8.8 | | A stack-based buffer overflow vulnerability in Linksys RE series range extenders allows remote attac |
| 1503 | CVE-2025-9358 | | 58.4th | 8.8 | | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers |
| 1504 | CVE-2025-9355 | | 58.4th | 8.8 | | A stack-based buffer overflow vulnerability in Linksys RE series range extenders allows remote attac |
| 1505 | CVE-2025-9023 | | 58.4th | 8.8 | | A buffer overflow vulnerability in Tenda AC7 and AC18 routers allows remote attackers to execute arb |
| 1506 | CVE-2025-9791 | | 58.4th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC20 routers via a sta |
| 1507 | CVE-2025-15257 | | 58.4th | 7.3 | | This CVE describes a command injection vulnerability in the Edimax BR-6208AC router's web configurat |
| 1508 | CVE-2020-0919 | | 58.3th | 7.8 | | This vulnerability allows attackers to load unsigned binaries in Microsoft Remote Desktop App for Ma |
| 1509 | CVE-2025-0568 | | 58.2th | 7.5 | | This vulnerability allows remote attackers to cause denial-of-service on Sante PACS Server by sendin |
| 1510 | CVE-2025-26530 | | 58.2th | 8.3 | | This reflected cross-site scripting (XSS) vulnerability in Moodle's question bank filter allows atta |
| 1511 | CVE-2024-13600 | | 58.3th | 7.5 | | This vulnerability allows unauthenticated attackers to access sensitive file attachments from WordPr |
| 1512 | CVE-2025-1514 | | 58.3th | 7.3 | | This vulnerability in the Active Products Tables for WooCommerce WordPress plugin allows unauthentic |
| 1513 | CVE-2024-53388 | | 58.3th | 8.8 | | A DOM Clobbering vulnerability in Mavo v0.3.2 allows attackers to inject malicious HTML elements tha |
| 1514 | CVE-2025-6554 | | 58.3th | 8.1 | KEV | This vulnerability is a type confusion flaw in Chrome's V8 JavaScript engine that allows attackers t |
| 1515 | CVE-2025-11942 | | 58.3th | 7.3 | | This vulnerability allows attackers to bypass the pairing authentication mechanism in 70mai X200 das |
| 1516 | CVE-2024-12703 | | 58.2th | 7.8 | | This CVE describes a deserialization vulnerability in Schneider Electric software where a non-admin |
| 1517 | CVE-2025-20175 | | 58.2th | 7.7 | | A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau |
| 1518 | CVE-2025-20174 | | 58.2th | 7.7 | | A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau |
| 1519 | CVE-2025-20170 | | 58.2th | 7.7 | | A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau |
| 1520 | CVE-2025-20169 | | 58.2th | 7.7 | | A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau |
| 1521 | CVE-2025-2398 | | 58.2th | 7.2 | | This critical vulnerability in China Mobile networking devices allows attackers to use default crede |
| 1522 | CVE-2024-56528 | | 58.2th | 7.5 | | This vulnerability allows attackers to send very large payloads to Snowplow Collector 3.x servers, c |
| 1523 | CVE-2025-8180 | | 58.2th | 8.8 | | A critical buffer overflow vulnerability in Tenda CH22 routers allows remote attackers to execute ar |
| 1524 | CVE-2025-8289 | | 58.2th | 7.5 | | This vulnerability in the Redirection for Contact Form 7 WordPress plugin allows unauthenticated att |
| 1525 | CVE-2025-8939 | | 58.2th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC20 routers by exploi |
| 1526 | CVE-2025-11001 | | 58.2th | 7.8 | | This vulnerability in 7-Zip allows remote attackers to execute arbitrary code by exploiting director |
| 1527 | CVE-2025-2360 | | 58.1th | 7.3 | | A critical vulnerability in D-Link DIR-823G routers allows remote attackers to bypass authorization |
| 1528 | CVE-2025-7424 | | 58.1th | 7.5 | | A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications |
| 1529 | CVE-2025-55588 | | 58.1th | 7.5 | | This buffer overflow vulnerability in TOTOLINK A3002R routers allows attackers to cause Denial of Se |
| 1530 | CVE-2025-55586 | | 58.1th | 7.5 | | This CVE describes a buffer overflow vulnerability in the TOTOLINK A3002R router's web interface. At |
| 1531 | CVE-2025-56099 | | 58.1th | 8.8 | | This CVE describes an OS command injection vulnerability in Ruijie RG-YST access points that allows |
| 1532 | CVE-2025-56113 | | 58.1th | 8.8 | | This CVE describes an OS command injection vulnerability in Ruijie RG-YST EST devices that allows at |
| 1533 | CVE-2024-10574 | | 57.9th | 7.2 | | This vulnerability allows unauthenticated attackers to modify Google Sheets integration credentials |
| 1534 | CVE-2024-56901 | | 57.9th | 8.8 | | This CSRF vulnerability in Geovision GV-ASWeb allows attackers to create administrator accounts with |
| 1535 | CVE-2025-27198 | | 57.9th | 7.8 | | A heap-based buffer overflow vulnerability in Adobe Photoshop allows attackers to execute arbitrary |
| 1536 | CVE-2025-15389 | | 57.9th | 8.8 | | This vulnerability allows authenticated remote attackers to execute arbitrary operating system comma |
| 1537 | CVE-2025-15388 | | 57.9th | 8.8 | | This vulnerability allows authenticated remote attackers to execute arbitrary operating system comma |
| 1538 | CVE-2025-13711 | | 57.8th | 7.8 | | This vulnerability in Tencent TFace allows remote attackers to execute arbitrary code with root priv |
| 1539 | CVE-2025-13709 | | 57.8th | 7.8 | | This vulnerability in Tencent TFace's restore_checkpoint function allows remote attackers to execute |
| 1540 | CVE-2026-0855 | | 57.9th | 8.8 | | Merit LILIN IP cameras have an OS command injection vulnerability that allows authenticated remote a |
| 1541 | CVE-2026-0854 | | 57.9th | 8.8 | | This vulnerability allows authenticated remote attackers to execute arbitrary operating system comma |
| 1542 | CVE-2026-25512 | | 57.8th | 8.8 | | This CVE describes a remote code execution vulnerability in Group-Office where an authenticated atta |
| 1543 | CVE-2025-25515 | | 57.8th | 8.8 | | Seacms versions up to 13.3 contain a SQL injection vulnerability in admin_collect.php that allows au |
| 1544 | CVE-2025-4810 | | 57.7th | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC7 routers allows remote attackers to |
| 1545 | CVE-2025-4809 | | 57.7th | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC7 routers allows remote attackers to |
| 1546 | CVE-2025-34183 | | 57.7th | 7.5 | | This vulnerability allows unauthenticated remote attackers to retrieve plaintext credentials from ex |
| 1547 | CVE-2025-67843 | | 57.7th | 8.3 | | This Server-Side Template Injection vulnerability in Mintlify's MDX Rendering Engine allows attacker |
| 1548 | CVE-2025-36745 | | 57.7th | 7.8 | | SolarEdge SE3680H inverters ship with an outdated Linux kernel containing unpatched vulnerabilities |
| 1549 | CVE-2024-58280 | | 57.7th | 8.8 | | CMSimple 5.15 contains a remote command execution vulnerability where authenticated attackers can mo |
| 1550 | CVE-2025-7117 | | 57.6th | 8.8 | | A critical buffer overflow vulnerability in UTT HiPER 840G routers allows remote attackers to execut |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation — making it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A CVSS 9.8 critical vulnerability with an EPSS of 0.1% may be less urgent than a CVSS 7.5 high vulnerability with an EPSS of 90%.