Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 1851 | CVE-2024-49785 | | 36.4th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in IBM watsonx.ai that allows authenti |
| 1852 | CVE-2025-26310 | | 36.5th | 6.5 | | Multiple memory leaks in ABC file parsing functions in libming v0.4.8 allow attackers to cause denia |
| 1853 | CVE-2024-13887 | | 36.5th | 5.3 | | This vulnerability allows unauthenticated attackers to upload arbitrary images to WordPress listings |
| 1854 | CVE-2025-3150 | | 36.4th | 4.3 | | This vulnerability allows attackers to perform cross-site request forgery (CSRF) attacks against the |
| 1855 | CVE-2025-29155 | | 36.5th | 6.5 | | A command injection vulnerability in petstore v1.0.7 allows remote attackers to execute arbitrary co |
| 1856 | CVE-2025-12094 | | 36.4th | 5.3 | | The OOPSpam Anti-Spam WordPress plugin is vulnerable to IP header spoofing, allowing unauthenticated |
| 1857 | CVE-2025-65082 | | 36.4th | 6.5 | | This vulnerability allows attackers to manipulate CGI program behavior by injecting malicious enviro |
| 1858 | CVE-2025-20036 | | 36.3th | 6.5 | | Mattermost Mobile Apps versions up to 2.22.0 fail to properly validate post properties, allowing aut |
| 1859 | CVE-2025-21274 | | 36.3th | 5.5 | | This vulnerability in Windows Event Tracing allows attackers to cause a denial of service condition |
| 1860 | CVE-2024-37412 | | 36.3th | 4.3 | | This CSRF vulnerability in the Blossom Shop WordPress theme allows attackers to trick authenticated |
| 1861 | CVE-2025-25195 | | 36.3th | 4.3 | | This CVE describes an information disclosure vulnerability in Zulip's development branch where priva |
| 1862 | CVE-2025-1635 | | 36.3th | 6.5 | | This vulnerability in Devolutions Remote Desktop Manager allows authenticated users to export hub da |
| 1863 | CVE-2025-27953 | | 36.3th | 6.5 | | A session management vulnerability in Clinical Collaboration Platform 12.2.1.5 allows remote attacke |
| 1864 | CVE-2025-6215 | | 36.3th | 5.3 | | The Omnishop WordPress plugin has an unauthenticated registration bypass vulnerability that allows a |
| 1865 | CVE-2025-41707 | | 36.3th | 5.3 | | This CVE describes a denial-of-service vulnerability in a websocket handler where an unauthenticated |
| 1866 | CVE-2025-41706 | | 36.3th | 5.3 | | This CVE describes a denial-of-service vulnerability in a webserver where an unauthenticated remote |
| 1867 | CVE-2025-35062 | | 36.3th | 5.3 | | Newforma Info Exchange (NIX) before version 2023.1 has a default configuration that allows anonymous |
| 1868 | CVE-2025-43905 | | 36.3th | 4.3 | | This vulnerability allows low-privileged remote attackers to inject malicious arguments into command |
| 1869 | CVE-2024-13457 | | 36.2th | 5.3 | | The Event Tickets and Registration WordPress plugin has an Insecure Direct Object Reference vulnerab |
| 1870 | CVE-2025-24530 | | 36.2th | 6.4 | | This is a cross-site scripting (XSS) vulnerability in phpMyAdmin's check tables feature. Attackers c |
| 1871 | CVE-2023-37037 | | 36.2th | 6.5 | | This vulnerability allows network-adjacent attackers to crash the Mobile Management Entity (MME) in |
| 1872 | CVE-2023-37033 | | 36.2th | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 1873 | CVE-2023-37030 | | 36.2th | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 1874 | CVE-2025-20630 | | 36.2th | 6.5 | | Mattermost Mobile versions up to 2.22.0 contain a type casting vulnerability where posts with attach |
| 1875 | CVE-2025-0336 | | 36.2th | 6.3 | | A critical SQL injection vulnerability in Codezips Project Management System 1.0 allows remote attac |
| 1876 | CVE-2024-13104 | | 36.2th | 5.3 | | This vulnerability allows remote attackers to bypass authentication and access WiFi settings on affe |
| 1877 | CVE-2025-0764 | | 36.2th | 6.5 | | The wpForo Forum WordPress plugin has an arbitrary file read vulnerability that allows authenticated |
| 1878 | CVE-2024-13691 | | 36.2th | 6.5 | | The Uncode WordPress theme has a vulnerability that allows authenticated attackers with Subscriber-l |
| 1879 | CVE-2025-27911 | | 36.2th | 6.5 | | This vulnerability in Datalust Seq allows attackers to bypass event body size limits by exploiting i |
| 1880 | CVE-2023-42404 | | 36.2th | 4.9 | | This vulnerability in OneVision Workspace allows attackers to execute arbitrary Java Expression Lang |
| 1881 | CVE-2025-28354 | | 36.2th | 6.5 | | This vulnerability allows attackers to perform directory traversal attacks via crafted POST requests |
| 1882 | CVE-2025-1500 | | 36.1th | 5.5 | | This vulnerability in IBM Maximo Application Suite 9.0 allows authenticated users to upload files wi |
| 1883 | CVE-2025-20678 | | 36.2th | 6.5 | | This vulnerability in MediaTek's IMS service allows remote denial of service attacks when a user equ |
| 1884 | CVE-2025-59474 | | 36.2th | 5.3 | | This vulnerability allows attackers without Overall/Read permission in Jenkins to list agent names t |
| 1885 | CVE-2025-58162 | | 36.2th | 6.5 | | CVE-2025-58162 is an arbitrary file write vulnerability in MobSF version 4.4.0. Authenticated users |
| 1886 | CVE-2025-57563 | | 36.2th | 6.5 | | This vulnerability allows unauthenticated attackers to read arbitrary files on systems running vulne |
| 1887 | CVE-2025-67436 | | 36.2th | 6.5 | | CVE-2025-67436 is an authenticated remote code execution vulnerability in PluXml CMS 5.8.22. Attacke |
| 1888 | CVE-2025-26489 | | 36.1th | 6.5 | | This vulnerability allows remote authenticated users to send specially crafted XML payloads to the N |
| 1889 | CVE-2026-20962 | | 36.2th | 4.4 | | This vulnerability involves uninitialized resource usage in Dynamic Root of Trust for Measurement (D |
| 1890 | CVE-2024-12302 | | 36th | 6.1 | | The Icegram Engage WordPress plugin before version 3.1.32 has a stored cross-site scripting (XSS) vu |
| 1891 | CVE-2024-56259 | | 36th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in GeoDirectory WordPress plugin allows attacke |
| 1892 | CVE-2024-11955 | | 36.1th | 4.3 | | This CVE describes an open redirect vulnerability in GLPI versions up to 10.0.17. Attackers can mani |
| 1893 | CVE-2024-57026 | | 36.1th | 6.1 | | TawkTo Widget versions 1.3.7 and earlier contain a cross-site scripting vulnerability that allows at |
| 1894 | CVE-2025-1336 | | 36th | 4.3 | | This path traversal vulnerability in CmsEasy 7.7.7.9 allows attackers to delete arbitrary files on t |
| 1895 | CVE-2024-13639 | | 36.1th | 4.3 | | The Read More & Accordion WordPress plugin has an authorization vulnerability that allows authentica |
| 1896 | CVE-2025-30363 | | 36th | 5.4 | | A stored Cross-Site Scripting (XSS) vulnerability in WeGIA web management software allows attackers |
| 1897 | CVE-2025-3433 | | 36.1th | 6.1 | | The Advanced Advertising System WordPress plugin has an open redirect vulnerability that allows unau |
| 1898 | CVE-2025-36239 | | 36.1th | 6.1 | | IBM Storage TS4500 Library versions 1.11.0.0 and 2.11.0.0 contain a cross-site scripting (XSS) vulne |
| 1899 | CVE-2025-36248 | | 36.1th | 6.1 | | IBM Copy Services Manager 6.3.13 contains a cross-site scripting (XSS) vulnerability that allows una |
| 1900 | CVE-2023-53689 | | 36.1th | 4.8 | | Nagios Fusion versions before 4.2.0 contain a reflected cross-site scripting vulnerability in the li |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.