Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1751 | CVE-2025-3622 | | 37.4th | 5.5 | | A critical deserialization vulnerability in Xorbits Inference allows attackers to execute arbitrary |
| 1752 | CVE-2024-13898 | | 37.4th | 4.4 | | This stored XSS vulnerability in the Simple Banner WordPress plugin allows authenticated administrat |
| 1753 | CVE-2025-2874 | | 37.4th | 4.4 | | This stored XSS vulnerability in the User Submitted Posts WordPress plugin allows authenticated admi |
| 1754 | CVE-2025-1512 | | 37.4th | 6.4 | | This vulnerability allows authenticated WordPress users with Contributor-level access or higher to i |
| 1755 | CVE-2025-20292 | | 37.4th | 4.4 | | This vulnerability allows authenticated local attackers on Cisco NX-OS devices to execute command in |
| 1756 | CVE-2025-45326 | | 37.5th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary code on PocketVJ CP systems via the |
| 1757 | CVE-2025-13565 | | 37.4th | 5.3 | | This vulnerability allows unauthenticated attackers to perform weak password recovery attacks on Sou |
| 1758 | CVE-2024-13300 | | 37.2th | 6.6 | | This vulnerability in Drupal's Print Anything module allows attackers to execute arbitrary code on a |
| 1759 | CVE-2024-10536 | | 37.3th | 4.3 | | The FancyPost WordPress plugin has an authorization vulnerability that allows authenticated users wi |
| 1760 | CVE-2024-13850 | | 37.3th | 5.5 | | This stored XSS vulnerability in the Simple add pages or posts WordPress plugin allows authenticated |
| 1761 | CVE-2024-29409 | | 37.3th | 5.5 | | A file upload vulnerability in NestJS allows remote attackers to execute arbitrary code by manipulat |
| 1762 | CVE-2025-3275 | | 37.3th | 6.4 | | This vulnerability allows authenticated WordPress users with Contributor-level access or higher to i |
| 1763 | CVE-2025-3247 | | 37.3th | 5.3 | | The Contact Form 7 WordPress plugin has an order replay vulnerability that allows unauthenticated at |
| 1764 | CVE-2025-2314 | | 37.3th | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 1765 | CVE-2024-49706 | | 37.3th | 6.1 | | This CVE describes an open redirect vulnerability in Internet Starter, a module of the SoftCOM iKSOR |
| 1766 | CVE-2024-13673 | | 37.3th | 6.4 | | The Big Boom Directory WordPress plugin has a stored XSS vulnerability in its 'bbd-search' shortcode |
| 1767 | CVE-2025-20949 | | 37.3th | 5.1 | | A path traversal vulnerability in Samsung Members app allows attackers to read and write arbitrary f |
| 1768 | CVE-2025-8492 | | 37.3th | 5.3 | | The Salon Booking System WordPress plugin has an authorization bypass vulnerability that allows unau |
| 1769 | CVE-2025-13081 | | 37.2th | 5.9 | | This CVE describes an object injection vulnerability in Drupal core that allows attackers to modify |
| 1770 | CVE-2025-0518 | | 37.2th | 5.3 | | This CVE describes an unchecked return value and out-of-bounds read vulnerability in FFmpeg's pan au |
| 1771 | CVE-2025-1191 | | 37.1th | 6.3 | | This vulnerability allows remote attackers to execute SQL injection attacks via the 'breject_id' par |
| 1772 | CVE-2025-30168 | | 37.1th | 6.9 | | Parse Server versions before 7.5.2 and 8.0.2 have an authentication vulnerability where third-party |
| 1773 | CVE-2024-30143 | | 37.2th | 4.3 | | This vulnerability in HCL AppScan Traffic Recorder allows attackers to bypass directory restrictions |
| 1774 | CVE-2024-55408 | | 37th | 5.3 | | An improper access control vulnerability in the AsusSAIO.sys driver allows attackers to send crafted |
| 1775 | CVE-2024-55627 | | 37.1th | 5.9 | | This vulnerability in Suricata allows an attacker to trigger a large buffer overflow via specially c |
| 1776 | CVE-2025-1818 | | 37.1th | 6.3 | | This critical vulnerability in zj1983 zz software allows remote attackers to upload arbitrary files |
| 1777 | CVE-2024-58116 | | 37.1th | 4.0 | | A buffer overflow vulnerability exists in the SVG parsing module of Huawei's ArkUI framework. Succes |
| 1778 | CVE-2025-4223 | | 37th | 4.7 | | This vulnerability allows attackers to inject malicious scripts via the 'login_url' parameter in the |
| 1779 | CVE-2025-57164 | | 37.1th | 6.5 | | CVE-2025-57164 allows remote code execution in Flowise AI platforms through unsanitized user input i |
| 1780 | CVE-2025-11631 | | 37.1th | 5.4 | | This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attacker |
| 1781 | CVE-2024-0137 | | 36.9th | 5.5 | | NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container i |
| 1782 | CVE-2024-13296 | | 37th | 6.6 | | This vulnerability in Drupal Mailjet module allows attackers to inject malicious objects through des |
| 1783 | CVE-2024-56242 | | 37th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the Tyche Softwares Arconix Shortcodes WordP |
| 1784 | CVE-2024-13217 | | 36.9th | 4.3 | | The Jeg Elementor Kit WordPress plugin exposes sensitive template data through insecure functions. A |
| 1785 | CVE-2025-31527 | | 36.9th | 6.4 | | This Server-Side Request Forgery (SSRF) vulnerability in the Kishan WP Link Preview WordPress plugin |
| 1786 | CVE-2025-30881 | | 36.9th | 4.3 | | This CVE describes a missing authorization vulnerability in the ThemeHunk Big Store WordPress theme |
| 1787 | CVE-2025-30874 | | 36.9th | 4.3 | | This CVE describes a missing authorization vulnerability in the WordPress plugin 'Specific Content F |
| 1788 | CVE-2024-13546 | | 36.9th | 4.3 | | The GenerateBlocks WordPress plugin exposes sensitive content from private, draft, and scheduled pos |
| 1789 | CVE-2025-32684 | | 36.9th | 5.0 | | This CVE describes a Missing Authorization vulnerability in the MapSVG Lite WordPress plugin that al |
| 1790 | CVE-2025-27437 | | 36.9th | 4.3 | | This vulnerability allows authenticated non-administrative users in SAP NetWeaver Application Server |
| 1791 | CVE-2025-31882 | | 36.9th | 4.3 | | This CVE describes a Missing Authorization vulnerability in the WPWebinarSystem WebinarPress WordPre |
| 1792 | CVE-2025-31856 | | 36.9th | 4.3 | | This CVE describes a Missing Authorization vulnerability in the WordPress Export All Post Meta plugi |
| 1793 | CVE-2025-26392 | | 36.9th | 5.4 | | SolarWinds Observability Self-Hosted contains a SQL injection vulnerability that allows authenticate |
| 1794 | CVE-2025-20360 | | 36.9th | 5.8 | | A vulnerability in Cisco's Snort 3 HTTP Decoder allows unauthenticated remote attackers to trigger a |
| 1795 | CVE-2025-61912 | | 36.9th | 5.3 | | A vulnerability in python-ldap's escape_dn_chars() function incorrectly escapes null bytes, causing |
| 1796 | CVE-2025-14746 | | 37th | 4.3 | | This vulnerability allows unauthenticated access to the RTSP live video stream endpoint in Ningyuand |
| 1797 | CVE-2024-25705 | | 36.9th | 5.4 | | A cross-site scripting (XSS) vulnerability in Esri Portal for ArcGIS Experience Builder allows authe |
| 1798 | CVE-2024-35113 | | 36.8th | 4.3 | | IBM Control Center versions 6.2.1 and 6.3.1 contain an information disclosure vulnerability where au |
| 1799 | CVE-2025-0582 | | 36.8th | 4.7 | | This critical vulnerability in itsourcecode Farm Management System allows remote attackers to upload |
| 1800 | CVE-2025-23919 | | 36.8th | 5.4 | | This Cross-Site Scripting (XSS) vulnerability in the Ella van Durpe Slides & Presentations WordPress |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.