Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
  164     CVEs with EPSS > 50%
  156     CVEs listed in CISA KEV
  35,468  CVEs with an EPSS score
  0.7%    Average EPSS score
Rows 1801-1850 of the ranking. The Flags column is empty for every row shown and is omitted; summaries are truncated as on the original page.

Rank | CVE ID         | EPSS  | Percentile | CVSS | Summary
1801 | CVE-2025-21352 | 0.73% | 72.1       | 6.5  | This vulnerability in Internet Connection Sharing (ICS) allows attackers to cause a denial of servic
1802 | CVE-2025-32577 | 0.73% | 72.1       | 9.8  | This vulnerability allows attackers to include local files on the server through PHP's include/requi
1803 | CVE-2025-22783 | 0.73% | 72.1       | 8.5  | This SQL injection vulnerability in the Squirrly SEO WordPress plugin allows attackers to execute ar
1804 | CVE-2025-0471  | 0.72% | 72.1       | 9.9  | An unrestricted file upload vulnerability in PMB platform versions 4.0.10 and above allows attackers
1805 | CVE-2025-59352 | 0.72% | 72.1       | 9.8  | This vulnerability in Dragonfly allows peers to create or read arbitrary files on other peers' syste
1806 | CVE-2025-20659 | 0.72% | 72.1       | 6.5  | This vulnerability in MediaTek modems allows remote denial of service through improper input validat
1807 | CVE-2024-13619 | 0.72% | 72.1       | 6.1  | This vulnerability in the LifterLMS WordPress plugin allows attackers to inject malicious scripts vi
1808 | CVE-2024-12724 | 0.72% | 72.1       | 6.1  | WP DeskLite WordPress plugin through version 1.0.0 contains a reflected cross-site scripting (XSS) v
1809 | CVE-2025-27540 | 0.72% | 72.0       | 9.8  | An unauthenticated SQL injection vulnerability in TeleControl Server Basic allows remote attackers t
1810 | CVE-2025-27495 | 0.72% | 72.0       | 9.8  | This critical SQL injection vulnerability in TeleControl Server Basic allows unauthenticated remote
1811 | CVE-2025-49630 | 0.72% | 72.1       | 7.5  | This vulnerability allows untrusted clients to trigger a denial of service attack against Apache HTT
1812 | CVE-2025-13698 | 0.72% | 72.0       | 4.5  | This vulnerability allows authenticated attackers on the same network to create arbitrary files on O
1813 | CVE-2025-45017 | 0.72% | 72.0       | 9.8  | A critical SQL injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows re
1814 | CVE-2025-2996  | 0.72% | 72.0       | 5.3  | This vulnerability in Tenda FH1202 routers allows attackers to bypass access controls on the web man
1815 | CVE-2025-2991  | 0.72% | 72.0       | 5.3  | This critical vulnerability in Tenda FH1202 routers allows remote attackers to bypass access control
1816 | CVE-2025-30213 | 0.72% | 72.0       | 8.8  | This vulnerability in Frappe framework allows authenticated system users to create documents in a sp
1817 | CVE-2025-54385 | 0.72% | 72.0       | 9.8  | This CVE describes a critical SQL injection vulnerability in XWiki Platform that allows attackers to
1818 | CVE-2025-65878 | 0.72% | 72.0       | 7.5  | The warehouse management system version 1.2 contains an arbitrary file read vulnerability via direct
1819 | CVE-2025-6763  | 0.72% | 72.0       | 8.1  | This CVE describes an authentication bypass vulnerability in Comet System's web-based management int
1820 | CVE-2026-1735  | 0.72% | 72.0       | 4.3  | This CVE describes a command injection vulnerability in Yealink MeetingBar A30's Diagnostic Handler
1821 | CVE-2025-28407 | 0.72% | 71.9       | 8.8  | This vulnerability in RUoYi v4.8.0 allows remote attackers to escalate privileges by exploiting impr
1822 | CVE-2025-54122 | 0.72% | 71.9       | 10.0 | An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Manager accounting software a
1823 | CVE-2024-37917 | 0.72% | 71.9       | 7.5  | CVE-2024-37917 is an improper input validation vulnerability in Pexip Infinity video conferencing so
1824 | CVE-2025-3028  | 0.72% | 71.9       | 6.5  | This vulnerability allows JavaScript code to trigger a use-after-free condition during XSLT document
1825 | CVE-2025-31499 | 0.71% | 71.9       | 8.8  | This vulnerability allows argument injection in Jellyfin's FFmpeg processing, which can lead to arbi
1826 | CVE-2025-34278 | 0.71% | 71.9       | 5.4  | Nagios Network Analyzer versions before 2024R1 contain a stored XSS vulnerability in the Source Grou
1827 | CVE-2011-10037 | 0.71% | 71.9       | 5.4  | This cross-site scripting vulnerability in Nagios XI allows attackers to inject malicious scripts in
1828 | CVE-2025-3610  | 0.71% | 71.9       | 8.8  | The Reales WP STPT WordPress plugin allows authenticated attackers with subscriber-level access to c
1829 | CVE-2025-21344 | 0.71% | 71.8       | 7.8  | This vulnerability allows remote attackers to execute arbitrary code on Microsoft SharePoint Server
1830 | CVE-2025-1475  | 0.71% | 71.8       | 9.8  | The WPCOM Member WordPress plugin has an authentication bypass vulnerability that allows unauthentic
1831 | CVE-2025-7401  | 0.71% | 71.8       | 9.8  | This vulnerability in the Premium Age Verification WordPress plugin allows unauthenticated attackers
1832 | CVE-2025-32711 | 0.71% | 71.8       | 9.3  | This CVE describes an AI command injection vulnerability in Microsoft 365 Copilot that allows unauth
1833 | CVE-2024-58294 | 0.71% | 71.8       | 8.8  | FreePBX 16 contains an authenticated remote code execution vulnerability in the API module. Attacker
1834 | CVE-2024-58287 | 0.71% | 71.8       | 8.8  | CVE-2024-58287 is an authenticated command injection vulnerability in reNgine 2.2.0 that allows atta
1835 | CVE-2025-25784 | 0.71% | 71.7       | 9.8  | An arbitrary file upload vulnerability in Jizhicms v2.5.4 allows attackers to upload malicious Zip f
1836 | CVE-2025-58748 | 0.71% | 71.7       | 9.8  | This vulnerability allows remote code execution in Dataease by exploiting improper JDBC URL validati
1837 | CVE-2026-0766  | 0.71% | 71.7       | 8.8  | This vulnerability allows authenticated remote attackers to execute arbitrary Python code on Open We
1838 | CVE-2026-0765  | 0.71% | 71.7       | 8.8  | This vulnerability allows authenticated remote attackers to execute arbitrary system commands on Ope
1839 | CVE-2025-23196 | 0.71% | 71.7       | 8.8  | This CVE describes a code injection vulnerability in Apache Ambari's Alert Definition feature where
1840 | CVE-2024-8769  | 0.71% | 71.7       | 9.1  | This vulnerability allows attackers to delete arbitrary files on systems running the aimhubio/aim tr
1841 | CVE-2025-3836  | 0.71% | 71.7       | 8.3  | This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the logo
1842 | CVE-2025-25387 | 0.70% | 71.6       | 7.2  | This SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to ex
1843 | CVE-2025-25357 | 0.70% | 71.6       | 7.2  | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu
1844 | CVE-2025-25356 | 0.70% | 71.6       | 7.2  | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu
1845 | CVE-2025-25355 | 0.70% | 71.6       | 7.2  | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu
1846 | CVE-2025-25354 | 0.70% | 71.6       | 7.2  | This SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to ex
1847 | CVE-2025-25352 | 0.70% | 71.6       | 7.2  | This SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to ex
1848 | CVE-2025-32137 | 0.70% | 71.6       | 4.9  | This CVE describes a relative path traversal vulnerability in the s2Member WordPress plugin that all
1849 | CVE-2025-1265  | 0.70% | 71.6       | 9.9  | An OS command injection vulnerability in Vinci Protocol Analyzer allows attackers to execute arbitra
1850 | CVE-2024-13681 | 0.70% | 71.6       | 7.5  | The Uncode WordPress theme contains an arbitrary file read vulnerability that allows unauthenticated

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by the EPSS Special Interest Group at FIRST.org. It estimates the probability (0 to 1, shown on this page as a percentage) that a CVE will be exploited in the wild within the next 30 days, and publishes alongside it a percentile: the share of all scored CVEs whose probability is equal to or lower than that CVE's. CVSS scores how severe a successful exploit would be; EPSS scores how likely exploitation is. The two answer different questions, which is why EPSS is useful for deciding what to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets security teams concentrate on the CVEs most likely to be exploited instead of patching strictly by CVSS score. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. Two caveats a practitioner should keep in mind: EPSS says nothing about whether the affected asset is reachable or what it protects, so it complements asset context rather than replacing it, and a CVE already on the CISA KEV list is a confirmed exploitation signal that should outrank any prediction. EPSS scores are also recomputed daily, so a ranking like the one above is a snapshot.
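The prioritisation described above, as an added example that is not part of this page or of FIRST's own tooling: findings are placed into remediation tiers (KEV first, then EPSS above a threshold, then high CVSS, then backlog) and sorted within each tier by EPSS, and the percentile is recomputed from a list of scores the way FIRST defines it. The tier thresholds (10% EPSS, CVSS 7.0) are illustrative policy values chosen here, not EPSS guidance. The sample data is constructed: the first two rows reuse the EPSS and CVSS values of CVE-2025-21352 and CVE-2025-32577 from the table on this page (their KEV status is assumed to be false), and the CVE-0000-* identifiers are hypothetical.

```python
"""Rank vulnerability findings by exploit likelihood (EPSS) rather than CVSS alone."""
from bisect import bisect_right
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float        # EPSS probability, 0.0..1.0 (the page shows it as a percentage)
    cvss: float        # CVSS base score, 0.0..10.0
    kev: bool = False  # listed in CISA's Known Exploited Vulnerabilities catalog


TIER_NAMES = {0: "patch now", 1: "patch this cycle", 2: "schedule", 3: "backlog"}


def priority_tier(f: Finding, epss_threshold: float = 0.10, cvss_threshold: float = 7.0) -> int:
    """Assign a remediation tier. Thresholds are illustrative policy values, not EPSS guidance."""
    if f.kev:
        return 0  # confirmed in-the-wild exploitation outranks any prediction
    if f.epss >= epss_threshold:
        return 1  # predicted likely to be exploited within 30 days
    if f.cvss >= cvss_threshold:
        return 2  # severe if exploited, but no strong exploitation signal yet
    return 3


def rank(findings):
    """Order by tier, then EPSS descending, then CVSS descending as a tiebreak."""
    return sorted(findings, key=lambda f: (priority_tier(f), -f.epss, -f.cvss))


def epss_percentile(score: float, all_scores) -> float:
    """Percentile as FIRST reports it: share of scored CVEs with an EPSS <= this score."""
    ordered = sorted(all_scores)
    return 100.0 * bisect_right(ordered, score) / len(ordered)


# Constructed sample. The first two rows take EPSS/CVSS from this page's table
# (KEV status assumed false); the CVE-0000-* entries are hypothetical.
SAMPLE = [
    Finding("CVE-2025-21352", 0.0073, 6.5),
    Finding("CVE-2025-32577", 0.0073, 9.8),
    Finding("CVE-0000-0001", 0.001, 9.8),            # critical severity, negligible likelihood
    Finding("CVE-0000-0002", 0.90, 7.5),             # high severity, very likely exploited
    Finding("CVE-0000-0003", 0.05, 5.3, kev=True),   # moderate severity but already in KEV
]


def ranked_ids(findings=SAMPLE):
    """Return CVE IDs in remediation order."""
    return [f.cve for f in rank(findings)]


if __name__ == "__main__":
    scores = [f.epss for f in SAMPLE]
    for f in rank(SAMPLE):
        print(f"{TIER_NAMES[priority_tier(f)]:>17}  {f.cve:<16} "
              f"epss={f.epss:.4f} pctl={epss_percentile(f.epss, scores):5.1f} cvss={f.cvss}")
```

Running the block prints the KEV entry first, then the 90% EPSS / CVSS 7.5 finding, and only then the CVSS 9.8 findings, which is the ordering the paragraph above argues for. The percentile helper is only meaningful when fed the full population of scored CVEs; against the five-row sample it illustrates the definition, not the published numbers.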

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
