Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA KEV catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated)
---- | ------ | ---------- | ---------- | ---- | ----- | -------------------
151 | CVE-2025-15134 | 0.04% | 10.4th | 3.5 | | This CVE describes a cross-site scripting (XSS) vulnerability in yourmaileyes MOOC software up to ve
152 | CVE-2026-0976 | 0.04% | 10.4th | 3.7 | | This vulnerability allows attackers to bypass reverse proxy path filtering by using RFC-compliant ma
153 | CVE-2025-64326 | 0.04% | 10.5th | 2.6 | | Weblate versions 5.14 and below expose the IP address of project administrators in audit logs when i
154 | CVE-2025-15145 | 0.04% | 10.3th | 2.4 | | This is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud up to version 3.2.0 that all
155 | CVE-2025-15146 | 0.04% | 10.3th | 2.4 | | This vulnerability allows remote attackers to inject malicious scripts into the SohuTV CacheCloud us
156 | CVE-2025-20382 | 0.04% | 10.4th | 3.5 | | This CVE describes an unvalidated redirect vulnerability in Splunk Enterprise and Cloud Platform whe
157 | CVE-2026-21249 | 0.04% | 10.5th | 3.3 | | This vulnerability allows an unauthorized local attacker to manipulate file paths in Windows NTLM au
158 | CVE-2026-2145 | 0.04% | 9.8th | 3.5 | | This vulnerability allows attackers to inject malicious scripts via the nginxDir parameter in the ng
159 | CVE-2025-13577 | 0.04% | 10.2th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into the Hostel Management System's
160 | CVE-2025-14200 | 0.04% | 10.2th | 3.5 | | This CVE describes a cross-site scripting (XSS) vulnerability in the Hotel-Management-services-using
161 | CVE-2025-14205 | 0.04% | 10th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in the Chamber of Commerce Membership
162 | CVE-2025-13181 | 0.04% | 9.8th | 3.5 | | CVE-2025-13181 is a cross-site scripting (XSS) vulnerability in pojoin h3blog 1.0 that allows attack
163 | CVE-2025-13186 | 0.04% | 10th | 2.4 | | This vulnerability allows attackers to inject malicious scripts via the Search parameter in the /das
164 | CVE-2025-15241 | 0.04% | 9.9th | 3.5 | | This CVE describes an open redirect vulnerability in CloudPanel Community Edition where attackers ca
165 | CVE-2025-52661 | 0.04% | 9.9th | 2.4 | | HCL AION version 2 has JWT tokens that remain valid for an excessively long time, allowing attackers
166 | CVE-2025-55252 | 0.04% | 9.8th | 3.1 | | HCL AION version 2 has a weak password policy vulnerability that allows users to set easily guessabl
167 | CVE-2025-14991 | 0.04% | 9.8th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in Campcodes Complete Online Beauty Pa
168 | CVE-2026-24140 | 0.04% | 10.1th | 2.7 | | MyTube versions 1.7.78 and below have a mass assignment vulnerability in settings management that al
169 | CVE-2025-12954 | 0.04% | 9.8th | 2.7 | | This vulnerability in the Timetable and Event Schedule WordPress plugin allows users with Contributo
170 | CVE-2025-12958 | 0.04% | 9.8th | 2.7 | | The Rankology SEO and Analytics Tool WordPress plugin has an authorization vulnerability that allows
171 | CVE-2025-14538 | 0.03% | 9.4th | 3.5 | | This is a cross-site scripting (XSS) vulnerability in yangshare warehouseManager 1.1.0 that allows a
172 | CVE-2026-24513 | 0.03% | 9.5th | 3.1 | | This CVE describes an authentication bypass vulnerability in ingress-nginx when using custom error b
173 | CVE-2025-15095 | 0.03% | 9.4th | 3.5 | | This CVE describes a cross-site scripting (XSS) vulnerability in postmanlabs httpbin versions up to
174 | CVE-2025-52598 | 0.03% | 9.7th | 3.7 | | This vulnerability allows man-in-the-middle attacks against Hanwha Vision cameras due to missing cer
175 | CVE-2026-22820 | 0.03% | 9.6th | 3.7 | | A TOCTOU race condition vulnerability in Outray (an open-source ngrok alternative) allows authentica
176 | CVE-2025-15258 | 0.03% | 9.4th | 3.5 | | This CVE describes an open redirect vulnerability in the Edimax BR-6208AC router's web configuration
177 | CVE-2024-56464 | 0.03% | 9.6th | 2.7 | | IBM QRadar SIEM versions 7.5 through 7.5.0 UP14 IF01 have an information disclosure vulnerability th
178 | CVE-2025-52631 | 0.03% | 9.5th | 3.7 | | HCL AION 2.0 lacks proper HTTP Strict-Transport-Security headers, allowing attackers to force insecu
179 | CVE-2025-52633 | 0.03% | 9.6th | 3.1 | | HCL AION stores sensitive session information in persistent cookies that survive browser sessions, p
180 | CVE-2026-24656 | 0.03% | 9.7th | 3.7 | | Apache Karaf Decanter's log socket collector has a deserialization vulnerability on port 4560 withou
181 | CVE-2025-13127 | 0.03% | 9.5th | 3.5 | | This is a cross-site scripting (XSS) vulnerability in GoldenHorn software from TAC Information Servi
182 | CVE-2025-15374 | 0.03% | 9.1th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into the Ask module of EyouCMS throu
183 | CVE-2025-24307 | 0.03% | 9.2th | 2.0 | | This vulnerability in Intel CIP software allows authenticated users to potentially manipulate data t
184 | CVE-2025-15505 | 0.03% | 9.2th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in Luxul XWR-600 routers up to version
185 | CVE-2025-14722 | 0.03% | 9.2th | 2.4 | | This is a cross-site scripting (XSS) vulnerability in vion707 DMadmin's backend component that allow
186 | CVE-2025-36229 | 0.03% | 9.3th | 3.1 | | This vulnerability in IBM Aspera Faspex 5 allows authenticated users to enumerate sensitive informat
187 | CVE-2026-20671 | 0.03% | 9.3th | 3.1 | | A logic vulnerability in Apple operating systems allows attackers in privileged network positions to
188 | CVE-2025-69015 | 0.03% | 9.3th | 3.8 | | This CVE describes a Missing Authorization vulnerability in the Crowdsignal Forms WordPress plugin t
189 | CVE-2025-14801 | 0.03% | 9.2th | 2.4 | | This vulnerability allows attackers to inject malicious scripts via the content parameter in the cre
190 | CVE-2025-67737 | 0.03% | 9.2th | 3.1 | | AzuraCast versions 0.23.1 expose an internal API endpoint intended for SFTPgo software to the public
191 | CVE-2025-15149 | 0.03% | 9.2th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in rawchen ecms that allows attackers
192 | CVE-2025-62690 | 0.03% | 9.3th | 3.1 | | Mattermost versions 10.11.4 and earlier contain an open redirect vulnerability on the /error page. A
193 | CVE-2025-14082 | 0.03% | 9.3th | 2.7 | | This vulnerability in Keycloak Admin REST API allows unauthorized users to access sensitive role met
194 | CVE-2026-0580 | 0.03% | 8.7th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into the SourceCodester API Key Mana
195 | CVE-2025-15202 | 0.03% | 8.9th | 2.4 | | This vulnerability allows attackers to inject malicious scripts into the SohuTV CacheCloud web inter
196 | CVE-2025-15203 | 0.03% | 8.9th | 2.4 | | This is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud up to version 3.2.0 that all
197 | CVE-2025-15204 | 0.03% | 8.9th | 2.4 | | This vulnerability allows remote attackers to inject malicious scripts via the doQuartzList function
198 | CVE-2025-13881 | 0.03% | 8.9th | 2.7 | | This vulnerability allows Keycloak administrators with limited privileges to access sensitive custom
199 | CVE-2026-1518 | 0.03% | 8.8th | 2.7 | | This vulnerability in Keycloak's CIBA (Client Initiated Backchannel Authentication) feature allows a
200 | CVE-2026-22978 | 0.03% | 8.9th | 3.3 | | This CVE describes an information disclosure vulnerability in the Linux kernel's WiFi subsystem wher

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
