Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID          EPSS Score  Percentile  CVSS  Flags  Summary
1951  CVE-2025-32071  0.15%       35.7th      5.4   -      This CVE describes an improper input validation vulnerability in the MediaWiki Wikidata Extension th
1952  CVE-2025-32069  0.15%       35.7th      5.4   -      This CVE describes a cross-site scripting (XSS) vulnerability in the Mediawiki Wikibase Media Info E
1953  CVE-2025-32067  0.15%       35.7th      5.4   -      This CVE describes an improper input validation vulnerability in the Mediawiki Growth Experiments ex
1954  CVE-2025-7070   0.15%       35.6th      4.3   -      This vulnerability in IROAD Dashcam Q9 allows attackers on the local network to spam MFA pairing req
1955  CVE-2025-30275  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to c
1956  CVE-2025-30267  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attac
1957  CVE-2025-30263  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to c
1958  CVE-2025-29889  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP File Station 5 allows authenticated attackers to ca
1959  CVE-2025-29886  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP File Station 5 allows authenticated remote attacker
1960  CVE-2025-29878  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP File Station 5 allows authenticated attackers to ca
1961  CVE-2025-29874  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP File Station 5 allows authenticated attackers to ca
1962  CVE-2025-29901  0.15%       35.7th      6.5   -      A NULL pointer dereference vulnerability in QNAP File Station 5 allows authenticated remote attacker
1963  CVE-2025-13660  0.15%       35.6th      5.3   -      The Guest Support WordPress plugin up to version 1.2.3 contains an unauthenticated user email disclo
1964  CVE-2025-21519  0.15%       35.5th      4.4   -      This vulnerability in Oracle MySQL Server's privilege management component allows high-privileged at
1965  CVE-2025-23041  0.15%       35.5th      5.8   -      Umbraco.Forms has a vulnerability where character limits for form fields are only enforced client-si
1966  CVE-2025-0176   0.15%       35.4th      6.3   -      This critical SQL injection vulnerability in code-projects Point of Sales and Inventory Management S
1967  CVE-2024-13846  0.15%       35.4th      4.9   -      The Indeed Ultimate Learning Pro WordPress plugin contains a time-based SQL injection vulnerability
1968  CVE-2025-24419  0.15%       35.5th      4.3   -      CVE-2025-24419 is an incorrect authorization vulnerability in Adobe Commerce that allows low-privile
1969  CVE-2024-42207  0.15%       35.5th      5.5   -      HCL iAutomate has a session fixation vulnerability where an attacker can hijack a user's authenticat
1970  CVE-2024-28803  0.15%       35.5th      6.1   -      This cross-site scripting (XSS) vulnerability in Italtel's i-MCS NFV software allows unauthenticated
1971  CVE-2025-25620  0.15%       35.5th      5.4   -      Unifiedtransform 2.0 contains a cross-site scripting vulnerability in the Create Assignment function
1972  CVE-2025-45011  0.15%       35.5th      5.3   -      A HTML injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote att
1973  CVE-2025-45009  0.15%       35.5th      5.3   -      A HTML injection vulnerability in PHPGurukul Park Ticketing Management System v2.0 allows remote att
1974  CVE-2025-40568  0.15%       35.5th      4.3   -      This vulnerability allows authenticated remote attackers with 'guest' role privileges to terminate l
1975  CVE-2025-54250  0.15%       35.5th      4.9   -      Adobe Experience Manager versions 6.5.23.0 and earlier contain an improper input validation vulnerab
1976  CVE-2025-60641  0.15%       35.5th      6.5   -      This vulnerability allows attackers to execute arbitrary code on systems running Vfront 0.99.52 by e
1977  CVE-2025-12580  0.15%       35.4th      6.1   -      The SMS for WordPress plugin has a reflected cross-site scripting (XSS) vulnerability in the 'paged'
1978  CVE-2025-63390  0.15%       35.5th      5.3   -      An authentication bypass vulnerability in AnythingLLM v1.8.5 allows unauthenticated attackers to enu
1979  CVE-2024-29370  0.15%       35.5th      5.3   -      This vulnerability in python-jose 3.3.0 allows attackers to cause Denial-of-Service (DoS) by sending
1980  CVE-2025-13513  0.15%       35.4th      6.1   -      The Clik stats WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability that a
1981  CVE-2026-0521   0.15%       35.4th      6.1   -      A reflected cross-site scripting vulnerability in TYDAC AG MAP+ allows unauthenticated attackers to
1982  CVE-2025-0791   0.15%       35.4th      6.3   -      CVE-2025-0791 is a critical SQL injection vulnerability in ESAFENET CDG V5's /sdDoneDetail.jsp endpo
1983  CVE-2023-37039  0.15%       35.3th      6.5   -      A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad
1984  CVE-2025-21560  0.15%       35.4th      6.5   -      This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges
1985  CVE-2025-21552  0.15%       35.4th      6.5   -      This vulnerability in Oracle JD Edwards EnterpriseOne Orchestrator allows authenticated attackers wi
1986  CVE-2024-55958  0.15%       35.4th      4.8   -      This vulnerability allows cross-site scripting (XSS) attacks in Northern.tech CFEngine Enterprise Mi
1987  CVE-2023-51323  0.15%       35.4th      6.5   -      This vulnerability allows attackers to send excessive password reset emails to legitimate users by e
1988  CVE-2024-25132  0.15%       35.3th      4.3   -      A denial-of-service vulnerability in OpenShift Dedicated's Hive hibernation controller allows attack
1989  CVE-2025-3405   0.15%       35.4th      4.3   -      This vulnerability in FCJ Venture Builder's appclientefiel 3.0.27 allows attackers to manipulate res
1990  CVE-2025-2544   0.15%       35.3th      6.4   -      The AI Content Pipelines WordPress plugin versions up to 1.6 contain a stored cross-site scripting v
1991  CVE-2025-6897   0.15%       35.3th      5.5   -      This critical vulnerability in D-Link DI-7300G+ routers allows remote attackers to execute arbitrary
1992  CVE-2025-8803   0.15%       35.4th      5.3   -      This vulnerability in Open5GS AMF component allows remote attackers to cause denial of service by ex
1993  CVE-2025-8800   0.15%       35.4th      5.3   -      A denial-of-service vulnerability exists in Open5GS AMF component where the esm_handle_pdn_connectiv
1994  CVE-2025-65657  0.15%       35.3th      6.5   -      CVE-2025-65657 is a remote code execution vulnerability in FeehiCMS version 2.1.1 that allows authen
1995  CVE-2025-0490   0.15%       35.3th      6.3   -      This critical vulnerability in Fanli2012 native-php-cms 1.0 allows remote attackers to execute SQL i
1996  CVE-2025-21336  0.15%       35.3th      5.6   -      This Windows cryptographic vulnerability allows attackers to disclose sensitive information from mem
1997  CVE-2023-46195  0.15%       35.3th      6.5   -      CVE-2023-46195 is a missing authorization vulnerability in the CoSchedule Headline Analyzer WordPres
1998  CVE-2024-57423  0.15%       35.1th      6.1   -      A Cross-Site Scripting (XSS) vulnerability in CloudClassroom-PHP Project v1.0 allows remote attacker
1999  CVE-2025-1024   0.15%       35.2th      4.8   -      A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 5.13.0 allows authenticated admini
2000  CVE-2025-24423  0.15%       35.1th      4.3   -      Adobe Commerce has an improper access control vulnerability (CWE-284) that allows low-privileged att

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
