Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2201 | CVE-2025-2151 | | 68.3th | 6.3 | | A critical stack-based buffer overflow vulnerability in Assimp's GetNextLine function allows remote |
| 2202 | CVE-2025-4978 | | 68.3th | 9.8 | | This vulnerability allows remote attackers to bypass authentication on Netgear DGND3700 routers via |
| 2203 | CVE-2025-6222 | | 68.3th | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress sites usi |
| 2204 | CVE-2025-53020 | | 68.3th | 7.5 | | This vulnerability in Apache HTTP Server involves improper memory management where memory is release |
| 2205 | CVE-2025-25475 | | 68.3th | 7.5 | | A NULL pointer dereference vulnerability in DCMTK's DICOM file processing component allows attackers |
| 2206 | CVE-2025-52480 | | 68.3th | 9.8 | | CVE-2025-52480 is an argument injection vulnerability in Registrator.jl's gettreesha() function that |
| 2207 | CVE-2023-47030 | | 68.3th | 9.8 | | CVE-2023-47030 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that |
| 2208 | CVE-2023-47032 | | 68.3th | 9.8 | | CVE-2023-47032 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that |
| 2209 | CVE-2025-62215 | | 68.3th | 7.0 | KEV | This Windows Kernel race condition vulnerability allows authenticated local attackers to escalate pr |
| 2210 | CVE-2025-26477 | | 68.3th | 4.3 | | Dell ECS versions 3.8.1.4 and earlier contain an improper input validation vulnerability that allows |
| 2211 | CVE-2025-64055 | | 68.3th | 9.8 | | CVE-2025-64055 is an authentication bypass vulnerability in Fanvil x210 V2 IP phones that allows una |
| 2212 | CVE-2025-21587 | | 68.2th | 7.4 | | This vulnerability in Java Secure Socket Extension (JSSE) allows attackers to manipulate or access c |
| 2213 | CVE-2024-36842 | | 68.2th | 7.3 | | This vulnerability allows remote attackers to execute arbitrary code on affected Oncord+ Android Inf |
| 2214 | CVE-2025-43561 | | 68.2th | 9.1 | | This CVE describes an incorrect authorization vulnerability in Adobe ColdFusion that allows high-pri |
| 2215 | CVE-2024-24456 | | 68.2th | 5.9 | | A buffer overflow vulnerability in Athonet MME allows remote attackers to crash the system by sendin |
| 2216 | CVE-2024-57791 | | 68.1th | 7.5 | | A vulnerability in the Linux kernel's SMC (Shared Memory Communications) subsystem could cause a den |
| 2217 | CVE-2025-0817 | | 68.1th | 7.2 | | The FormCraft WordPress plugin allows unauthenticated attackers to upload malicious SVG files contai |
| 2218 | CVE-2025-20646 | | 68.1th | 9.8 | | This critical vulnerability in MediaTek WLAN AP firmware allows remote attackers to execute arbitrar |
| 2219 | CVE-2025-2704 | | 68.1th | 7.5 | | This vulnerability allows remote attackers to cause a denial of service in OpenVPN servers by corrup |
| 2220 | CVE-2024-54802 | | 68.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Netgear WNR854T routers via |
| 2221 | CVE-2025-24986 | | 68.1th | 6.5 | | This vulnerability in Azure PromptFlow allows unauthorized attackers to execute arbitrary code remot |
| 2222 | CVE-2025-13390 | | 68.1th | 10.0 | | The WP Directory Kit WordPress plugin has an authentication bypass vulnerability that allows unauthe |
| 2223 | CVE-2025-1100 | | 68.1th | 9.8 | | CVE-2025-1100 is a critical vulnerability in Q-Free MaxTime traffic management software where a hard |
| 2224 | CVE-2025-26683 | | 68.1th | 8.1 | | CVE-2025-26683 is an improper authorization vulnerability in Azure Playwright that allows unauthoriz |
| 2225 | CVE-2025-21573 | | 68th | 6.0 | | This vulnerability in Oracle Financial Services Revenue Management and Billing's Chatbot component a |
| 2226 | CVE-2025-1909 | | 68th | 9.8 | | The BuddyBoss Platform Pro WordPress plugin has an authentication bypass vulnerability that allows u |
| 2227 | CVE-2025-57618 | | 68th | 7.3 | | A path traversal vulnerability in FastX3 allows unauthenticated attackers to read arbitrary server f |
| 2228 | CVE-2024-45626 | | 68th | 6.5 | | Apache James server versions below 3.7.6 and 3.8.2 have a vulnerability in their JMAP HTML-to-text c |
| 2229 | CVE-2025-9712 | | 68th | 8.8 | | This vulnerability allows remote unauthenticated attackers to execute arbitrary code on Ivanti Endpo |
| 2230 | CVE-2025-27487 | | 67.9th | 8.0 | | A heap-based buffer overflow vulnerability in Microsoft Remote Desktop Client allows authenticated a |
| 2231 | CVE-2025-34330 | | 68th | 5.3 | | This vulnerability allows unauthenticated remote attackers to upload files to AudioCodes Fax Server |
| 2232 | CVE-2025-24259 | | 67.9th | 9.8 | | This vulnerability allows malicious applications to access Safari bookmarks without proper authoriza |
| 2233 | CVE-2025-24241 | | 67.9th | 9.8 | | This macOS vulnerability allows malicious applications to trick users into copying sensitive data to |
| 2234 | CVE-2025-27220 | | 67.9th | 4.0 | | A Regular Expression Denial of Service (ReDoS) vulnerability exists in the CGI gem for Ruby versions |
| 2235 | CVE-2024-13925 | | 67.9th | 7.5 | | The Klarna Checkout for WooCommerce WordPress plugin before version 2.13.5 exposes an unauthenticate |
| 2236 | CVE-2025-62786 | | 67.9th | 8.1 | | A heap-based out-of-bounds write vulnerability in Wazuh's decode_win_permissions function allows wri |
| 2237 | CVE-2023-53981 | | 67.9th | 7.2 | | PhotoShow 3.0 contains a remote code execution vulnerability where authenticated administrators can |
| 2238 | CVE-2024-10441 | | 67.9th | 9.8 | | This critical vulnerability allows remote attackers to execute arbitrary code on Synology BeeStation |
| 2239 | CVE-2023-37930 | | 67.9th | 7.5 | | This CVE describes memory corruption vulnerabilities in Fortinet VPN products that could allow authe |
| 2240 | CVE-2025-53376 | | 67.9th | 8.8 | | CVE-2025-53376 is a command injection vulnerability in Dokploy that allows authenticated low-privile |
| 2241 | CVE-2025-55901 | | 67.9th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers |
| 2242 | CVE-2025-55893 | | 67.9th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK N200RE routers |
| 2243 | CVE-2025-30891 | | 67.8th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 2244 | CVE-2025-30846 | | 67.8th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 2245 | CVE-2025-32146 | | 67.8th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper input vali |
| 2246 | CVE-2025-32141 | | 67.8th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 2247 | CVE-2025-66251 | | 67.8th | 9.1 | | This vulnerability allows unauthenticated attackers to delete arbitrary .tgz files via path traversa |
| 2248 | CVE-2025-34024 | | 67.8th | 8.8 | | An authenticated OS command injection vulnerability in Edimax EW-7438RPn firmware allows attackers t |
| 2249 | CVE-2025-64124 | | 67.8th | 8.8 | | This OS command injection vulnerability in Nuvation Energy Multi-Stack Controller allows attackers t |
| 2250 | CVE-2025-9485 | | 67.7th | 9.8 | | The OAuth Single Sign On plugin for WordPress has a critical authentication bypass vulnerability. Un |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.