Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 151 | CVE-2011-10018 | | 97.9th | 9.8 | | CVE-2011-10018 is a critical backdoor vulnerability in myBB 1.6.4 that allows unauthenticated remote |
| 152 | CVE-2025-58034 | | 97.9th | 7.2 | KEV | This OS command injection vulnerability in Fortinet FortiWeb web application firewalls allows authen |
| 153 | CVE-2025-22604 | | 97.9th | 9.1 | | CVE-2025-22604 is a command injection vulnerability in Cacti's SNMP result parser that allows authen |
| 154 | CVE-2024-12471 | | 97.9th | 8.8 | | This vulnerability allows authenticated WordPress users with subscriber-level access or higher to up |
| 155 | CVE-2024-48457 | | 97.9th | 7.5 | | This vulnerability in multiple Netis router models allows remote attackers to access sensitive infor |
| 156 | CVE-2025-21385 | | 97.8th | 8.8 | | This Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows authenticated atta |
| 157 | CVE-2022-35737 | | 97.8th | 7.5 | | This SQLite vulnerability allows array-bounds overflow when processing extremely large string argume |
| 158 | CVE-2025-34079 | | 97.8th | 7.8 | | This vulnerability allows authenticated attackers with administrator credentials to execute arbitrar |
| 159 | CVE-2025-57790 | | 97.8th | 8.8 | | This CVE describes a path traversal vulnerability that allows remote attackers to access files outsi |
| 160 | CVE-2013-10059 | | 97.8th | 7.2 | | This CVE describes an authenticated OS command injection vulnerability in D-Link DIR-615H1 routers r |
| 161 | CVE-2025-34086 | | 97.8th | 8.8 | | This vulnerability allows authenticated users in Bolt CMS 3.7.0 and earlier to achieve remote code e |
| 162 | CVE-2021-39935 | | 97.8th | 6.8 | KEV | This vulnerability allows unauthorized external users to perform Server Side Request Forgery (SSRF) |
| 163 | CVE-2015-10140 | | 97.8th | 8.8 | | The Ajax Load More WordPress plugin before version 2.8.1.2 lacks proper authorization checks in cert |
| 164 | CVE-2015-10134 | | 97.8th | 7.5 | | The Simple Backup WordPress plugin allows attackers to download any file from the server without aut |
| 165 | CVE-2025-32433 | | 97.7th | 10.0 | KEV | This CVE describes a critical vulnerability in Erlang/OTP's SSH server that allows unauthenticated r |
| 166 | CVE-2025-34088 | | 97.7th | 8.8 | | This vulnerability allows authenticated users in Pandora FMS to execute arbitrary operating system c |
| 167 | CVE-2025-6205 | | 97.7th | 9.1 | KEV | A missing authorization vulnerability in DELMIA Apriso allows attackers to bypass authentication and |
| 168 | CVE-2025-26682 | | 97.7th | 7.5 | | This CVE describes a resource exhaustion vulnerability in ASP.NET Core where an attacker can send sp |
| 169 | CVE-2025-33073 | | 97.7th | 8.8 | KEV | CVE-2025-33073 is an improper access control vulnerability in Windows SMB that allows authenticated |
| 170 | CVE-2024-57049 | | 97.7th | 9.8 | | This vulnerability allows attackers to bypass authentication on TP-Link Archer C20 routers by adding |
| 171 | CVE-2014-125117 | | 97.7th | 9.8 | | This critical vulnerability allows unauthenticated attackers to execute arbitrary code with system p |
| 172 | CVE-2024-11396 | | 97.6th | 5.3 | | The Event Monster WordPress plugin creates publicly accessible CSV files containing visitor personal |
| 173 | CVE-2025-34433 | | 97.6th | N/A | | AVideo versions 14.3.1 through 20.0 contain an unauthenticated remote code execution vulnerability. |
| 174 | CVE-2024-12252 | | 97.6th | 9.8 | | The SEO LAT Auto Post WordPress plugin has a critical vulnerability that allows unauthenticated atta |
| 175 | CVE-2025-2011 | | 97.6th | 7.5 | | This SQL injection vulnerability in the Slider & Popup Builder by Depicter WordPress plugin allows u |
| 176 | CVE-2025-26673 | | 97.6th | 7.5 | | This vulnerability allows an unauthorized attacker to cause a denial of service (DoS) on Windows sys |
| 177 | CVE-2025-27920 | | 97.5th | 7.2 | KEV | CVE-2025-27920 is a directory traversal vulnerability in Output Messenger that allows attackers to a |
| 178 | CVE-2025-22896 | | 97.5th | 8.6 | | mySCADA myPRO Manager stores credentials in cleartext, allowing attackers to read sensitive authenti |
| 179 | CVE-2025-5086 | | 97.5th | 9.0 | KEV | CVE-2025-5086 is a deserialization vulnerability in Dassault Systèmes DELMIA Apriso that allows rem |
| 180 | CVE-2024-13609 | | 97.5th | 5.9 | | The 1 Click WordPress Migration Plugin exposes sensitive user data including usernames and password |
| 181 | CVE-2025-25257 | | 97.5th | 9.8 | KEV | This SQL injection vulnerability in Fortinet FortiWeb web application firewalls allows unauthenticat |
| 182 | CVE-2025-0674 | | 97.5th | 9.8 | | CVE-2025-0674 is an authentication bypass vulnerability affecting multiple Elber products that allow |
| 183 | CVE-2025-2783 | | 97.5th | 8.3 | KEV | This vulnerability in Google Chrome's Mojo IPC system on Windows allows remote attackers to escape t |
| 184 | CVE-2025-27473 | | 97.5th | 7.5 | | This vulnerability in Windows HTTP.sys allows unauthorized attackers to cause denial of service by c |
| 185 | CVE-2025-26680 | | 97.5th | 7.5 | | This vulnerability in Windows Standards-Based Storage Management Service allows unauthorized attacke |
| 186 | CVE-2025-26652 | | 97.5th | 7.5 | | This vulnerability allows unauthorized attackers to cause denial of service in Windows Standards-Bas |
| 187 | CVE-2025-26641 | | 97.5th | 7.5 | | This vulnerability in Windows Cryptographic Services allows attackers to cause denial of service by |
| 188 | CVE-2025-54253 | | 97.4th | 10.0 | KEV | CVE-2025-54253 is a critical misconfiguration vulnerability in Adobe Experience Manager Forms that a |
| 189 | CVE-2024-54819 | | 97.4th | 9.1 | | CVE-2024-54819 is a Server-Side Request Forgery (SSRF) vulnerability in I, Librarian versions up to |
| 190 | CVE-2025-23942 | | 97.4th | 9.1 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se |
| 191 | CVE-2025-14733 | | 97.4th | 9.8 | KEV | A critical out-of-bounds write vulnerability in WatchGuard Fireware OS allows remote unauthenticated |
| 192 | CVE-2025-25062 | | 97.4th | 4.4 | | A stored cross-site scripting (XSS) vulnerability in Backdrop CMS allows attackers to inject malicio |
| 193 | CVE-2025-4632 | | 97.4th | 9.8 | KEV | This vulnerability allows attackers to write arbitrary files with system-level privileges on Samsung |
| 194 | CVE-2024-56278 | | 97.4th | 9.1 | | This vulnerability allows remote attackers to execute arbitrary PHP code on WordPress sites using th |
| 195 | CVE-2025-34442 | | 97.3rd | 7.5 | | AVideo versions before 20.1 expose absolute server filesystem paths through public API endpoints. Th |
| 196 | CVE-2025-34441 | | 97.3rd | 7.5 | | AVideo versions before 20.1 expose sensitive user information through an unauthenticated public API |
| 197 | CVE-2025-27479 | | 97.3rd | 7.5 | | This vulnerability in Windows Kerberos allows attackers to exhaust resource pools, causing denial of |
| 198 | CVE-2025-27470 | | 97.3rd | 7.5 | | This vulnerability in Windows Standards-Based Storage Management Service allows unauthorized attacke |
| 199 | CVE-2025-25256 | | 97.3rd | 9.8 | | This critical vulnerability allows unauthenticated attackers to execute arbitrary operating system c |
| 200 | CVE-2025-22968 | | 97.3rd | 9.8 | | This critical vulnerability in D-Link DWR-M972V routers allows remote attackers to execute arbitrary |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.