Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%
Rank  CVE ID           EPSS   Percentile  CVSS  Summary
1751  CVE-2025-2807    0.75%  72.8th      8.8   This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to in
1752  CVE-2025-59295   0.75%  72.7th      8.8   A heap-based buffer overflow vulnerability in Internet Explorer allows remote attackers to execute a
1753  CVE-2025-3495    0.75%  72.7th      9.8   Delta Electronics COMMGR v1 and v2 use predictable session IDs due to insufficient randomization (CW
1754  CVE-2025-5322    0.75%  72.7th      7.2   The VikRentCar WordPress plugin up to version 1.4.3 allows authenticated administrators to upload ar
1755  CVE-2025-5966    0.75%  72.7th      8.1   This vulnerability allows attackers to inject malicious scripts into the 'Attachments by filename ke
1756  CVE-2025-20229   0.75%  72.7th      8.0   This vulnerability allows low-privileged Splunk users without admin or power roles to execute arbitr
1757  CVE-2024-7806    0.75%  72.6th      8.8   This vulnerability allows non-admin users to execute arbitrary code remotely via CSRF attacks in ope
1758  CVE-2024-13993   0.75%  72.6th      6.1   Nagios XI versions before 2024R1.1.2 have a reflected cross-site scripting (XSS) vulnerability on th
1759  CVE-2021-47850   0.75%  72.6th      7.5   Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbi
1760  CVE-2024-38311   0.75%  72.6th      6.3   Apache Traffic Server has an improper input validation vulnerability that could allow attackers to c
1761  CVE-2024-54145   0.74%  72.6th      6.3   CVE-2024-54145 is a SQL injection vulnerability in Cacti's automation_devices.php file that allows a
1762  CVE-2025-3277    0.74%  72.6th      9.8   This CVE describes an integer overflow vulnerability in SQLite's concat_ws() function that leads to
1763  CVE-2025-7360    0.74%  72.6th      9.1   This vulnerability in the HT Contact Form WordPress plugin allows unauthenticated attackers to move
1764  CVE-2024-13714   0.74%  72.6th      8.8   This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to up
1765  CVE-2016-15048   0.74%  72.5th      9.8   This is an unauthenticated remote command injection vulnerability in AMTT Hotel Broadband Operation
1766  CVE-2025-2549    0.74%  72.5th      4.3   This CVE describes an improper access control vulnerability in D-Link DIR-618 and DIR-605L routers a
1767  CVE-2023-3708    0.74%  72.5th      6.1   This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS)
1768  CVE-2025-50706   0.74%  72.5th      9.8   This vulnerability in ThinkPHP v5.1 allows remote attackers to execute arbitrary code via the routec
1769  CVE-2024-13992   0.74%  72.5th      5.4   Nagios XI versions before 2024R1.1 contain a reflected cross-site scripting (XSS) vulnerability in t
1770  CVE-2024-14001   0.74%  72.5th      5.4   Nagios XI versions before 2024R1.1.3 are vulnerable to cross-site scripting (XSS) in the Executive S
1771  CVE-2024-14000   0.74%  72.5th      5.4   Nagios XI versions before 2024R1.1.3 contain a cross-site scripting vulnerability in the Capacity Pl
1772  CVE-2023-7316    0.74%  72.5th      5.4   Nagios XI versions before 2024R1 contain a cross-site scripting vulnerability in the Graph Explorer
1773  CVE-2025-36574   0.74%  72.4th      8.2   Dell Wyse Management Suite versions before 5.2 contain an absolute path traversal vulnerability that
1774  CVE-2025-46548   0.74%  72.4th      6.5   This vulnerability allows attackers to bypass Basic Authentication in Pekko Management when configur
1775  CVE-2025-67171   0.74%  72.5th      7.5   This directory traversal vulnerability in RiteCMS v3.1.0 allows attackers to bypass access controls
1776  CVE-2025-67160   0.74%  72.5th      7.5   This directory traversal vulnerability in Vatilon v1.12.37-20240124 allows attackers to access sensi
1777  CVE-2023-42785   0.74%  72.4th      6.5   A null pointer dereference vulnerability in FortiOS allows attackers to cause denial of service via
1778  CVE-2024-47051   0.74%  72.4th      9.1   This CVE addresses two critical vulnerabilities in Mautic versions before 5.2.3: a Remote Code Execu
1779  CVE-2025-21368   0.74%  72.4th      8.8   This vulnerability allows remote code execution through Microsoft Digest Authentication, enabling at
1780  CVE-2024-45199   0.74%  72.4th      8.8   This vulnerability allows attackers to execute arbitrary code remotely by injecting malicious parame
1781  CVE-2024-45198   0.74%  72.4th      8.8   This CVE describes a remote code execution vulnerability in insightsoftware Spark JDBC where attacke
1782  CVE-2024-8537    0.74%  72.4th      9.1   A path traversal vulnerability in modelscope/agentscope's /delete-workflow endpoint allows attackers
1783  CVE-2025-67255   0.74%  72.4th      8.8   NagiosXI 2026R1.0.1 build 1762361101 contains a SQL injection vulnerability in dashboard parameters
1784  CVE-2025-27730   0.74%  72.4th      7.8   CVE-2025-27730 is a use-after-free vulnerability in Windows Digital Media components that allows aut
1785  CVE-2025-27467   0.74%  72.4th      7.8   This vulnerability allows an authorized attacker to exploit a use-after-free flaw in Windows Digital
1786  CVE-2025-26675   0.74%  72.4th      7.8   This vulnerability allows an authorized attacker with local access to exploit an out-of-bounds read
1787  CVE-2025-24425   0.74%  72.3th      5.3   This CVE describes a business logic error in Adobe Commerce that allows attackers to bypass security
1788  CVE-2025-2618    0.74%  72.4th      9.8   A critical heap-based buffer overflow vulnerability in D-Link DAP-1620 access points allows remote a
1789  CVE-2025-49582   0.73%  72.3th      8.0   XWiki's required rights analyzers for dangerous macros are incomplete, allowing attackers to hide ma
1790  CVE-2025-27481   0.73%  72.3th      8.8   A stack-based buffer overflow vulnerability in Windows Telephony Service allows remote attackers to
1791  CVE-2025-21221   0.73%  72.3th      8.8   A heap-based buffer overflow vulnerability in Windows Telephony Service allows remote attackers to e
1792  CVE-2025-1936    0.73%  72.2th      7.3   This vulnerability in Firefox and Thunderbird allows attackers to hide malicious code in web extensi
1793  CVE-2024-56731   0.73%  72.2th      10.0  This vulnerability allows unprivileged users in Gogs to delete files in the .git directory, leading
1794  CVE-2025-9526    0.73%  72.2th      8.8   A remote stack-based buffer overflow vulnerability exists in the Linksys E1700 router's web interfac
1795  CVE-2024-11425   0.73%  72.2th      7.5   An unauthenticated attacker can send a specially crafted HTTPS packet to the webserver, causing a bu
1796  CVE-2025-4729    0.73%  72.2th      6.3   This critical vulnerability in TOTOLINK A3002R and A3002RU routers allows remote attackers to execut
1797  CVE-2025-6085    0.73%  72.2th      7.2   The Make Connector WordPress plugin allows authenticated attackers with Administrator privileges to
1798  CVE-2025-1012    0.73%  72.2th      7.5   A race condition during concurrent delazification in Mozilla products could lead to use-after-free v
1799  CVE-2025-0177    0.73%  72.2th      9.8   The Javo Core WordPress plugin allows unauthenticated attackers to create accounts with administrato
1800  CVE-2025-29708   0.73%  72.2th      9.8   SourceCodester Company Website CMS 1.0 contains an unauthenticated file upload vulnerability in the

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A vulnerability rated CVSS 9.8 (critical) with an EPSS of 0.1% may be less urgent than one rated CVSS 7.5 (high) with an EPSS of 90%.
