Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%

Ranks 151 to 200 of the list are shown on this page. The Flags column is empty for every row shown, and each summary is cut off at the length the page displays.

| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 151 | CVE-2025-26355 | 1.8% | 82.5 | 6.5 | | This path traversal vulnerability in Q-Free MaxTime allows authenticated remote attackers to delete … |
| 152 | CVE-2025-26352 | 1.8% | 82.5 | 6.5 | | This path traversal vulnerability in Q-Free MaxTime allows authenticated remote attackers to delete … |
| 153 | CVE-2024-57214 | 1.79% | 82.4 | 6.3 | | This CVE describes a command injection vulnerability in TOTOLINK A6000R routers where an attacker ca… |
| 154 | CVE-2025-12960 | 1.75% | 82.2 | 6.5 | | The Simple CSV Table WordPress plugin has a directory traversal vulnerability that allows authentica… |
| 155 | CVE-2025-15081 | 1.74% | 82.2 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on JD Cloud BE6500 routers … |
| 156 | CVE-2025-12092 | 1.7% | 82.0 | 6.5 | | The CYAN Backup WordPress plugin has an arbitrary file deletion vulnerability in versions up to 2.5.… |
| 157 | CVE-2025-30144 | 1.69% | 81.9 | 6.5 | | The fast-jwt library prior to version 5.0.6 improperly validates JWT issuer claims, allowing attacke… |
| 158 | CVE-2024-12058 | 1.69% | 81.9 | 6.8 | | This vulnerability allows remote authenticated attackers with admin privileges to read arbitrary fil… |
| 159 | CVE-2024-11831 | 1.67% | 81.8 | 5.4 | | This vulnerability in npm-serialize-javascript allows attackers to inject malicious JavaScript code … |
| 160 | CVE-2025-27692 | 1.66% | 81.7 | 4.7 | | Dell Wyse Management Suite versions before 5.1 have a vulnerability where high-privileged attackers … |
| 161 | CVE-2025-58751 | 1.66% | 81.7 | 5.3 | | This vulnerability in Vite allows attackers to bypass server.fs restrictions and access files outsid… |
| 162 | CVE-2025-29806 | 1.64% | 81.6 | 6.5 | | This vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute arb… |
| 163 | CVE-2023-53690 | 1.64% | 81.6 | 4.8 | | Nagios Fusion versions before 4.2.0 have a stored XSS vulnerability in LDAP/AD authentication config… |
| 164 | CVE-2025-21197 | 1.62% | 81.5 | 6.5 | | This vulnerability allows an authenticated attacker to discover file paths within restricted directo… |
| 165 | CVE-2025-60699 | 1.62% | 81.5 | 6.5 | | This CVE describes a buffer overflow vulnerability in TOTOLINK A950RG router firmware that allows un… |
| 166 | CVE-2025-5515 | 1.6% | 81.4 | 6.3 | | This critical vulnerability in TOTOLINK X2000R routers allows remote attackers to execute arbitrary … |
| 167 | CVE-2025-26699 | 1.6% | 81.3 | 5.0 | | A denial-of-service vulnerability exists in Django's text wrapping functions when processing extreme… |
| 168 | CVE-2025-25001 | 1.59% | 81.3 | 4.3 | | This cross-site scripting (XSS) vulnerability in Microsoft Edge allows attackers to inject malicious … |
| 169 | CVE-2025-32103 | 1.59% | 81.3 | 5.0 | | CVE-2025-32103 is a directory traversal vulnerability in CrushFTP that allows attackers to bypass Se… |
| 170 | CVE-2025-7952 | 1.58% | 81.2 | 6.3 | | This critical vulnerability in TOTOLINK T6 routers allows remote attackers to execute arbitrary comm… |
| 171 | CVE-2025-14485 | 1.56% | 81.1 | 5.0 | | This CVE describes a command injection vulnerability in the EFM ipTIME A3004T router's administrator … |
| 172 | CVE-2026-1623 | 1.54% | 81.1 | 6.3 | | This CVE describes a remote command injection vulnerability in Totolink A7000R routers. Attackers ca… |
| 173 | CVE-2024-12419 | 1.52% | 80.9 | 6.5 | | This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug… |
| 174 | CVE-2025-14204 | 1.51% | 80.9 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary operating system commands on systems … |
| 175 | CVE-2025-64525 | 1.43% | 80.4 | 6.5 | | Astro web framework versions 2.16.0 to 5.15.4 with on-demand rendering are vulnerable to header inje… |
| 176 | CVE-2025-56498 | 1.41% | 80.2 | 5.3 | | An authenticated OS command injection vulnerability in PLDT WiFi Router's Prolink PGN6401V allows at… |
| 177 | CVE-2024-57025 | 1.41% | 80.2 | 6.8 | | This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers via the 'desc' p… |
| 178 | CVE-2024-57023 | 1.41% | 80.2 | 6.8 | | This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where an attacke… |
| 179 | CVE-2026-2131 | 1.41% | 80.2 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary operating system commands on systems … |
| 180 | CVE-2026-1066 | 1.41% | 80.2 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on systems running vulnerab… |
| 181 | CVE-2025-1676 | 1.4% | 80.1 | 6.3 | | This critical vulnerability in hzmanyun Education and Training System allows remote attackers to exe… |
| 182 | CVE-2025-24158 | 1.38% | 80.0 | 6.5 | | This CVE describes a memory handling vulnerability in Apple's web content processing that could lead … |
| 183 | CVE-2025-26055 | 1.37% | 79.9 | 6.5 | | This CVE describes an OS command injection vulnerability in the Infinxt iEdge 100 router's Troublesh… |
| 184 | CVE-2025-43920 | 1.37% | 79.9 | 5.4 | | This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o… |
| 185 | CVE-2025-26637 | 1.37% | 79.9 | 6.8 | | This CVE describes a protection mechanism failure in Windows BitLocker that allows unauthorized atta… |
| 186 | CVE-2025-0215 | 1.36% | 79.9 | 6.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting attack… |
| 187 | CVE-2024-57222 | 1.33% | 79.6 | 6.3 | | This CVE describes a command injection vulnerability in Linksys E7350 routers where an attacker can … |
| 188 | CVE-2025-14184 | 1.32% | 79.6 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on SGAI Space1 NAS N1211DS … |
| 189 | CVE-2025-21279 | 1.31% | 79.5 | 6.5 | | This vulnerability in Microsoft Edge (Chromium-based) allows remote attackers to execute arbitrary c… |
| 190 | CVE-2025-60693 | 1.3% | 79.4 | 6.5 | | A stack-based buffer overflow vulnerability in Linksys E1200 v2 routers allows remote attackers to e… |
| 191 | CVE-2025-9934 | 1.27% | 79.1 | 6.3 | | This CVE describes a command injection vulnerability in TOTOLINK X5000R routers affecting the sub_41… |
| 192 | CVE-2025-29959 | 1.27% | 79.1 | 6.5 | | This vulnerability in Windows Routing and Remote Access Service (RRAS) allows attackers to read unin… |
| 193 | CVE-2026-2130 | 1.25% | 79.0 | 6.3 | | This CVE describes a command injection vulnerability in BurtTheCoder's mcp-maigret tool up to versio… |
| 194 | CVE-2024-12384 | 1.24% | 78.9 | 6.1 | | The Binary MLM Woocommerce WordPress plugin contains a reflected cross-site scripting (XSS) vulnerab… |
| 195 | CVE-2025-10327 | 1.24% | 78.9 | 6.3 | | This CVE describes a remote command injection vulnerability in MiczFlor RPi-Jukebox-RFID versions up … |
| 196 | CVE-2026-2178 | 1.23% | 78.8 | 6.3 | | This CVE describes a command injection vulnerability in r-huijts xcode-mcp-server that allows remote … |
| 197 | CVE-2025-8266 | 1.22% | 78.8 | 6.3 | | This critical vulnerability in ChanCMS allows remote attackers to execute arbitrary code through des… |
| 198 | CVE-2025-21313 | 1.22% | 78.7 | 6.5 | | This vulnerability in Windows Security Account Manager (SAM) allows attackers to cause a denial of s… |
| 199 | CVE-2025-1845 | 1.21% | 78.7 | 6.3 | | This critical vulnerability in ESAFENET DSM 3.1.2 allows remote attackers to execute arbitrary comma… |
| 200 | CVE-2024-48019 | 1.21% | 78.6 | 5.4 | | This path traversal vulnerability in Apache Doris allows authenticated application administrators to … |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it a better basis for deciding which vulnerabilities to patch first. The percentile shown beside each score is the fraction of all scored CVEs whose EPSS is at or below that value; a score of 1.8% lands around the 82nd percentile because the large majority of CVEs score well under 1%, which is also why the average across all 35,468 scored CVEs on this page is only 0.7%.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. Two caveats apply: EPSS is a population-level estimate that knows nothing about which of your assets are exposed, so it complements rather than replaces asset context, and a CVE on the CISA KEV list has already been exploited and should be treated as urgent whatever its EPSS. Scores are recomputed daily, so a ranking like this one is a snapshot.
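The following script shows how the prioritisation described above works in practice. It is an added example, not code from this page or from FIRST.org. It assumes the shape of the public EPSS API response (https://api.first.org/data/v1/epss?cve=..., which returns `epss` and `percentile` as string-encoded fractions between 0 and 1); the response body and the scanner inventory embedded in the script are constructed samples with invented CVE identifiers so that it runs offline. The sort order puts KEV-listed CVEs first, then EPSS descending, then CVSS as a tie-breaker, which reproduces the point that a CVSS 7.5 with 90% EPSS outranks a CVSS 9.8 with 0.1% EPSS.

```python
"""Prioritise scanner findings by EPSS (likelihood) instead of CVSS (severity).

Added example, not code from the page or from FIRST.org. The EPSS API
(https://api.first.org/data/v1/epss?cve=...) returns JSON with an `epss`
probability and a `percentile`, both as strings in the range 0..1. The
response below is a constructed sample in that shape with invented CVE IDs.
"""
from __future__ import annotations

import json
from dataclasses import dataclass

# Constructed sample in the shape of an EPSS API response (values invented).
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.001000000", "percentile": "0.420000000", "date": "2026-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.900000000", "percentile": "0.999000000", "date": "2026-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.018000000", "percentile": "0.825000000", "date": "2026-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.012000000", "percentile": "0.786000000", "date": "2026-01-01"},
    ],
})

# Constructed scanner inventory (hypothetical): CVSS base score and whether the
# CVE appears on CISA's KEV list.
INVENTORY = {
    "CVE-0000-0001": {"cvss": 9.8, "kev": False},   # critical severity, rarely exploited
    "CVE-0000-0002": {"cvss": 7.5, "kev": False},   # high severity, very likely exploited
    "CVE-0000-0003": {"cvss": 6.5, "kev": True},    # medium severity, confirmed exploited
    "CVE-0000-0004": {"cvss": 6.3, "kev": False},   # medium severity, unlikely exploited
}


@dataclass
class Finding:
    cve: str
    cvss: float
    epss: float        # probability of exploitation in the next 30 days, 0..1
    percentile: float  # share of scored CVEs with EPSS at or below this one, 0..1
    kev: bool


def parse_epss_response(body: str) -> dict[str, tuple[float, float]]:
    """Map cve -> (epss, percentile). The API encodes both numbers as strings."""
    payload = json.loads(body)
    if payload.get("status") != "OK":
        raise ValueError(f"EPSS API error: {payload.get('status')}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in payload["data"]}


def build_findings(inventory: dict, epss_scores: dict) -> list[Finding]:
    """Join scanner output with EPSS; CVEs the model has not scored get 0, not dropped."""
    findings = []
    for cve, meta in inventory.items():
        epss, pct = epss_scores.get(cve, (0.0, 0.0))
        findings.append(Finding(cve, meta["cvss"], epss, pct, meta["kev"]))
    return findings


def priority_key(f: Finding) -> tuple:
    """KEV first (confirmed exploitation beats any prediction), then EPSS
    descending, then CVSS descending as a tie-breaker."""
    return (not f.kev, -f.epss, -f.cvss)


def prioritise(findings: list[Finding]) -> list[Finding]:
    return sorted(findings, key=priority_key)


def triage_bucket(f: Finding, epss_threshold: float = 0.1, cvss_threshold: float = 9.0) -> str:
    """Coarse action bucket; thresholds are illustrative policy choices."""
    if f.kev or f.epss >= epss_threshold:
        return "patch-now"    # exploited, or likely to be within 30 days
    if f.cvss >= cvss_threshold:
        return "patch-next"   # severe, but the model does not expect exploitation soon
    return "scheduled"


if __name__ == "__main__":
    scores = parse_epss_response(SAMPLE_EPSS_RESPONSE)
    for f in prioritise(build_findings(INVENTORY, scores)):
        print(f"{f.cve}  EPSS={f.epss:6.1%}  pct={f.percentile:5.1%}  "
              f"CVSS={f.cvss:4.1f}  KEV={str(f.kev):5}  -> {triage_bucket(f)}")
```

Running it lists the KEV-listed CVE-0000-0003 first, then CVE-0000-0002 (90% EPSS) ahead of the CVSS 9.8 CVE-0000-0001, which lands in "patch-next" because nothing in the model predicts imminent exploitation. Against the live API you would fetch the scores for the CVEs in your inventory in one batched request (the endpoint accepts a comma-separated `cve` parameter) and re-run the sort daily, since EPSS scores change.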

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
