Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
2101 | CVE-2024-12633 | 0.61% | 69.2th | 7.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS)
2102 | CVE-2025-2553 | 0.61% | 69.2th | 4.3 | | This vulnerability in D-Link DIR-618 and DIR-605L routers allows improper access control to the /gof
2103 | CVE-2025-55637 | 0.61% | 69.2th | 9.8 | | This CVE describes a command injection vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbe
2104 | CVE-2024-14002 | 0.61% | 69.2th | 5.5 | | Nagios XI versions before 2024R1.1.4 contain an authenticated local file inclusion vulnerability in
2105 | CVE-2025-27932 | 0.61% | 69.2th | 8.1 | | A path traversal vulnerability in the USB storage file-sharing function of HGW-BL1500HM devices allo
2106 | CVE-2025-46616 | 0.61% | 69.2th | 9.9 | | Quantum StorNext Web GUI API before version 7.2.4 contains a vulnerability that allows attackers to
2107 | CVE-2025-24434 | 0.61% | 69.1th | 9.1 | | CVE-2025-24434 is an incorrect authorization vulnerability in Adobe Commerce that allows attackers t
2108 | CVE-2025-3887 | 0.61% | 69.1th | 8.8 | | A stack-based buffer overflow vulnerability in GStreamer's H265 codec parser allows remote attackers
2109 | CVE-2025-55232 | 0.61% | 69.1th | 9.8 | | CVE-2025-55232 is a critical deserialization vulnerability in Microsoft High Performance Compute Pac
2110 | CVE-2024-56374 | 0.61% | 69.1th | 5.8 | | This vulnerability in Django allows attackers to cause denial-of-service by sending specially crafte
2111 | CVE-2025-26803 | 0.61% | 69.1th | 5.3 | | A vulnerability in Phusion Passenger's HTTP parser allows denial of service attacks when processing
2112 | CVE-2025-22962 | 0.61% | 69.1th | 7.2 | | A critical remote code execution vulnerability in GatesAir Maxiva UAXT/VAXT transmitters allows auth
2113 | CVE-2025-30698 | 0.61% | 69.1th | 5.6 | | This vulnerability in Oracle Java SE and GraalVM's 2D component allows an unauthenticated attacker w
2114 | CVE-2025-57698 | 0.61% | 69.1th | 7.5 | | AstrBot Project v3.5.22 contains a directory traversal vulnerability in the plugin upload interface.
2115 | CVE-2025-5569 | 0.6% | 69.1th | 6.3 | | This critical SQL injection vulnerability in IdeaCMS allows remote attackers to manipulate database
2116 | CVE-2025-32105 | 0.6% | 69.1th | 9.8 | | A buffer overflow vulnerability in Sangoma IMG2020 HTTP server allows unauthenticated attackers to e
2117 | CVE-2025-34335 | 0.6% | 69.1th | 8.8 | | This CVE describes an authenticated command injection vulnerability in AudioCodes Fax Server and Aut
2118 | CVE-2024-57519 | 0.6% | 69th | 7.5 | | A denial-of-service vulnerability in Open5GS v2.7.2 allows remote attackers to crash the service via
2119 | CVE-2025-28221 | 0.6% | 69th | 7.5 | | This vulnerability allows remote attackers to crash the web server on Tenda W6_S routers by sending
2120 | CVE-2025-24035 | 0.6% | 69th | 8.1 | | This vulnerability in Windows Remote Desktop Services allows unauthorized attackers to execute arbit
2121 | CVE-2025-63371 | 0.6% | 69th | 7.5 | | OneCommander 3.102.0.0 contains a directory traversal vulnerability in its ZIP file processing compo
2122 | CVE-2025-66576 | 0.6% | 69th | 9.8 | | CVE-2025-66576 is a critical remote code execution vulnerability in Remote Keyboard Desktop 1.0.1 th
2123 | CVE-2024-57649 | 0.6% | 69th | 7.5 | | This vulnerability in OpenLink Virtuoso's qst_vec_set component allows attackers to execute crafted
2124 | CVE-2024-57647 | 0.6% | 69th | 7.5 | | A SQL injection vulnerability in the row_insert_cast component of OpenLink Virtuoso OpenSource allow
2125 | CVE-2024-57646 | 0.6% | 69th | 7.5 | | This SQL injection vulnerability in OpenLink Virtuoso's psiginfo component allows attackers to execu
2126 | CVE-2024-57645 | 0.6% | 69th | 7.5 | | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to execute crafted SQL statement
2127 | CVE-2024-57644 | 0.6% | 69th | 7.5 | | This vulnerability in OpenLink Virtuoso Open-Source allows attackers to execute crafted SQL statemen
2128 | CVE-2024-57641 | 0.6% | 69th | 7.5 | | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to execute crafted SQL statement
2129 | CVE-2024-57640 | 0.6% | 69th | 7.5 | | A SQL injection vulnerability in the dc_add_int component of OpenLink Virtuoso OpenSource allows att
2130 | CVE-2024-57639 | 0.6% | 69th | 7.5 | | This SQL injection vulnerability in OpenLink Virtuoso's dc_elt_size component allows attackers to ex
2131 | CVE-2025-26628 | 0.6% | 69th | 7.3 | | CVE-2025-26628 is an information disclosure vulnerability in Azure Local Cluster where credentials a
2132 | CVE-2023-53888 | 0.6% | 69th | 8.8 | | CVE-2023-53888 is a remote code execution vulnerability in Zomplog 3.9 that allows authenticated att
2133 | CVE-2024-56889 | 0.6% | 68.9th | 7.5 | | This vulnerability allows unauthorized attackers to delete complaints in CodeAstro Complaint Managem
2134 | CVE-2024-57450 | 0.6% | 68.9th | 9.8 | | ChestnutCMS versions up to 1.5.0 contain a file upload vulnerability in the Create template function
2135 | CVE-2025-47777 | 0.6% | 68.9th | 9.6 | | This vulnerability allows stored cross-site scripting (XSS) in 5ire's chatbot responses due to insuf
2136 | CVE-2025-58428 | 0.6% | 68.9th | 9.9 | | This critical vulnerability in TLS4B ATG systems allows authenticated remote attackers to execute ar
2137 | CVE-2025-29226 | 0.6% | 68.9th | 6.3 | | This CVE describes a command injection vulnerability in Linksys E5600 routers where an attacker can
2138 | CVE-2025-14106 | 0.6% | 68.9th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary commands on ZSPACE Q2C NAS devices b
2139 | CVE-2024-13533 | 0.6% | 68.9th | 7.5 | | This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si
2140 | CVE-2024-13532 | 0.6% | 68.9th | 7.5 | | This SQL injection vulnerability in the Small Package Quotes – Purolator Edition WordPress plugin
2141 | CVE-2025-61492 | 0.6% | 68.9th | 10.0 | | A command injection vulnerability in terminal-controller-mcp 0.1.7 allows attackers to execute arbit
2142 | CVE-2025-4800 | 0.6% | 68.8th | 8.8 | | The MasterStudy LMS Pro WordPress plugin allows authenticated users with Subscriber-level access or
2143 | CVE-2023-53773 | 0.6% | 68.8th | 5.3 | | MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows re
2144 | CVE-2025-23115 | 0.6% | 68.8th | 9.0 | | A Use After Free vulnerability in UniFi Protect Cameras allows remote attackers to execute arbitrary
2145 | CVE-2025-34311 | 0.6% | 68.8th | 8.8 | | This CVE describes a command injection vulnerability in IPFire firewall software that allows authent
2146 | CVE-2025-31124 | 0.6% | 68.8th | 5.3 | | ZITADEL's 'Ignoring unknown usernames' setting fails to properly hide user existence due to username
2147 | CVE-2025-1510 | 0.59% | 68.8th | 7.3 | | This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
2148 | CVE-2025-1509 | 0.59% | 68.8th | 7.3 | | The Show Me The Cookies WordPress plugin allows unauthenticated attackers to execute arbitrary short
2149 | CVE-2025-27091 | 0.59% | 68.8th | 7.5 | | A heap overflow vulnerability in OpenH264 video codec library allows remote attackers to crash appli
2150 | CVE-2025-28395 | 0.59% | 68.8th | 7.1 | | A buffer overflow vulnerability exists in D-LINK DI-8100 routers in the ipsec_road_asp function via

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited for deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
