Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- 164 CVEs with EPSS > 50%
- 156 CVEs listed in CISA KEV
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated) |
|---|---|---|---|---|---|---|
| 1601 | CVE-2024-56411 | 0.87% | 74.8th | 5.4 | | PhpSpreadsheet versions before 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting vulnerabi |
| 1602 | CVE-2025-25069 | 0.87% | 74.8th | 6.5 | | A Cross-Protocol Scripting vulnerability in Apache Kvrocks allows HTTP requests to be interpreted as |
| 1603 | CVE-2025-1061 | 0.87% | 74.8th | 9.8 | | The Nextend Social Login Pro WordPress plugin has an authentication bypass vulnerability that allows |
| 1604 | CVE-2025-21384 | 0.87% | 74.7th | 8.3 | | An authenticated attacker can exploit a Server-Side Request Forgery (SSRF) vulnerability in Microsof |
| 1605 | CVE-2025-5391 | 0.87% | 74.7th | 8.1 | | The WooCommerce Purchase Orders plugin for WordPress has a vulnerability that allows authenticated u |
| 1606 | CVE-2024-54024 | 0.87% | 74.7th | 7.2 | | This OS command injection vulnerability in Fortinet FortiIsolator allows attackers with super-admin |
| 1607 | CVE-2024-55507 | 0.86% | 74.7th | 9.8 | | A privilege escalation vulnerability in CodeAstro Complaint Management System v1.0 allows remote att |
| 1608 | CVE-2024-55532 | 0.86% | 74.7th | 9.8 | | This vulnerability allows CSV formula injection in Apache Ranger's export feature, enabling attacker |
| 1609 | CVE-2025-26199 | 0.86% | 74.7th | 9.8 | | CloudClassroom-PHP-Project v1.0 transmits login passwords over unencrypted HTTP, allowing network-ba |
| 1610 | CVE-2025-15048 | 0.86% | 74.6th | 7.3 | | This vulnerability allows remote attackers to execute arbitrary commands on Tenda WH450 routers by i |
| 1611 | CVE-2022-50795 | 0.86% | 74.6th | 7.8 | | CVE-2022-50795 is a conditional command injection vulnerability in SOUND4 IMPACT/FIRST/PULSE/Eco sys |
| 1612 | CVE-2025-3115 | 0.86% | 74.6th | 9.8 | | CVE-2025-3115 is a critical vulnerability in Spotfire software that allows attackers to inject malic |
| 1613 | CVE-2025-31722 | 0.86% | 74.5th | 8.8 | | This vulnerability allows attackers with Item/Configure permission in Jenkins to bypass sandbox prot |
| 1614 | CVE-2025-27419 | 0.85% | 74.5th | 7.5 | | CVE-2025-27419 is a denial-of-service vulnerability in WeGIA web management software that allows una |
| 1615 | CVE-2026-1690 | 0.85% | 74.5th | 4.7 | | This CVE describes a command injection vulnerability in Tenda HG10 routers affecting the /boaform/fo |
| 1616 | CVE-2025-8464 | 0.85% | 74.4th | 5.3 | | This vulnerability in the Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin all |
| 1617 | CVE-2025-13418 | 0.85% | 74.4th | 6.4 | | The Responsive Pricing Table WordPress plugin has a stored XSS vulnerability in all versions up to 5 |
| 1618 | CVE-2025-0953 | 0.85% | 74.4th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages |
| 1619 | CVE-2025-0918 | 0.85% | 74.4th | 7.2 | | The SMTP for SendGrid – YaySMTP WordPress plugin up to version 1.3.1 contains a stored cross-site |
| 1620 | CVE-2025-0916 | 0.85% | 74.4th | 7.2 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages |
| 1621 | CVE-2025-45427 | 0.85% | 74.4th | 9.8 | | This CVE describes a stack overflow vulnerability in Tenda AC9 routers that allows remote attackers |
| 1622 | CVE-2024-8474 | 0.84% | 74.3th | 7.5 | | OpenVPN Connect versions before 3.5.0 log the configuration profile's private key in clear text with |
| 1623 | CVE-2025-53475 | 0.84% | 74.3th | 8.8 | | This vulnerability in Advantech iView allows authenticated attackers with user-level privileges to p |
| 1624 | CVE-2025-26385 | 0.84% | 74.3th | N/A | | This CVE describes a command injection vulnerability in Johnson Controls Metasys components that all |
| 1625 | CVE-2024-9354 | 0.84% | 74.3th | 6.1 | | The Estatik Mortgage Calculator WordPress plugin contains a reflected cross-site scripting vulnerabi |
| 1626 | CVE-2025-61809 | 0.84% | 74.3th | 9.1 | | This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows attack |
| 1627 | CVE-2023-53772 | 0.84% | 74.3th | 7.5 | | MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows unauthenticated att |
| 1628 | CVE-2025-0242 | 0.84% | 74.3th | 6.5 | | This CVE describes memory safety bugs in Mozilla Firefox and Thunderbird that could lead to memory c |
| 1629 | CVE-2025-27190 | 0.84% | 74.3th | 5.3 | | This CVE describes an Improper Access Control vulnerability in Adobe Commerce that allows attackers |
| 1630 | CVE-2024-12334 | 0.84% | 74.3th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts via URL parameters i |
| 1631 | CVE-2025-2243 | 0.84% | 74.3th | 7.3 | | A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows attacke |
| 1632 | CVE-2025-20634 | 0.84% | 74.3th | 9.8 | | This critical vulnerability in MediaTek modems allows remote code execution when a device connects t |
| 1633 | CVE-2025-32709 | 0.84% | 74.3th | 7.8 | KEV | A null pointer dereference vulnerability in Windows Ancillary Function Driver for WinSock allows aut |
| 1634 | CVE-2024-10960 | 0.84% | 74.3th | 9.9 | | The Brizy Page Builder WordPress plugin allows authenticated users with Contributor-level access or |
| 1635 | CVE-2025-29281 | 0.84% | 74.3th | 8.8 | | PerfreeBlog 4.0.11 contains an arbitrary file upload vulnerability in the attach component that allo |
| 1636 | CVE-2025-3161 | 0.84% | 74.2th | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC10 routers allows remote attackers t |
| 1637 | CVE-2025-34414 | 0.84% | 74.2th | N/A | | This vulnerability allows remote unauthenticated attackers to read arbitrary files, write files, and |
| 1638 | CVE-2026-1625 | 0.84% | 74.2th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M961 routers that allows remote a |
| 1639 | CVE-2026-1624 | 0.84% | 74.2th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M961 routers that allows remote a |
| 1640 | CVE-2025-29811 | 0.84% | 74.2th | 7.8 | | This vulnerability allows an authorized attacker with local access to a Windows system to exploit im |
| 1641 | CVE-2025-29967 | 0.83% | 74.2th | 8.8 | | A heap-based buffer overflow vulnerability in Microsoft's Remote Desktop Gateway Service allows unau |
| 1642 | CVE-2024-13538 | 0.83% | 74.1th | 5.3 | | The BigBuy Dropshipping Connector for WooCommerce WordPress plugin discloses the full server path th |
| 1643 | CVE-2025-48868 | 0.83% | 74.1th | 7.2 | | Horilla HRMS version 1.3.0 contains an authenticated Remote Code Execution vulnerability where privi |
| 1644 | CVE-2025-68455 | 0.83% | 74.1th | 7.2 | | This vulnerability allows authenticated remote code execution in Craft CMS when an attacker with adm |
| 1645 | CVE-2025-2449 | 0.83% | 74.1th | 8.8 | | This vulnerability in NI FlexLogger's usiReg component allows remote attackers to create arbitrary f |
| 1646 | CVE-2024-12551 | 0.83% | 74.1th | 7.8 | | This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening |
| 1647 | CVE-2024-12547 | 0.83% | 74.1th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening |
| 1648 | CVE-2026-1638 | 0.83% | 74.1th | 6.3 | | This CVE describes a remote command injection vulnerability in Tenda AC21 routers. Attackers can exe |
| 1649 | CVE-2025-34202 | 0.83% | 74th | 8.8 | | This vulnerability exposes Docker container networks in Vasion Print (formerly PrinterLogic) deploym |
| 1650 | CVE-2025-1851 | 0.82% | 74th | 8.8 | | A critical stack-based buffer overflow vulnerability in Tenda AC7 routers allows remote attackers to |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
