Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Summary
2201	CVE-2026-22797	0.11%	28.8th	9.9	This vulnerability in OpenStack keystonemiddleware allows authenticated attackers to forge identity
2202	CVE-2026-25241	0.11%	29th	9.8	This CVE describes an unauthenticated SQL injection vulnerability in PEAR's package retrieval endpoi
2203	CVE-2024-4282	0.11%	28.8th	9.8	This vulnerability allows attackers to perform man-in-the-middle attacks against SSH connections to
2204	CVE-2025-39380	0.11%	28.8th	10.0	This vulnerability allows attackers to upload arbitrary files, including web shells, to the Hospital
2205	CVE-2025-30133	0.11%	28.8th	9.8	This vulnerability allows attackers to bypass the pairing/registration requirement on IROAD Dashcam
2206	CVE-2025-45814	0.11%	28.7th	9.8	Missing authentication checks in the query.fcgi endpoint of NovelSat NS3000 and NS2000 satellite mod
2207	CVE-2024-50645	0.11%	28.8th	9.8	MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability that allows attackers to access AP
2208	CVE-2024-50644	0.11%	28.8th	9.8	CVE-2024-50644 is an authentication bypass vulnerability in zhisheng17 blog version 3.0.1-SNAPSHOT t
2209	CVE-2025-11710	0.11%	28.7th	9.8	This vulnerability allows a compromised web process to send malicious IPC messages that cause the pr
2210	CVE-2025-61777	0.11%	28.7th	9.4	Flag Forge CTF platform versions 2.0.0 through 2.3.1 have unauthenticated API endpoints that allow u
2211	CVE-2025-68706	0.11%	28.7th	9.8	A stack-based buffer overflow vulnerability in KuWFi 4G LTE AC900 devices allows attackers to crash
2212	CVE-2026-22234	0.11%	28.7th	9.8	This vulnerability allows unauthenticated attackers to access the OPEXUS eCasePortal 'Attachments.as
2213	CVE-2025-39402	0.1%	28.6th	9.9	This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se
2214	CVE-2025-26872	0.1%	28.6th	9.9	This vulnerability allows attackers to upload malicious files to WordPress sites using the Eximius t
2215	CVE-2025-26845	0.1%	28.6th	9.8	CVE-2025-26845 is an eval injection vulnerability in Znuny that allows authenticated users with conf
2216	CVE-2025-8264	0.1%	28.5th	9.0	This SQL injection vulnerability in Z-Push allows attackers to execute arbitrary SQL commands by man
2217	CVE-2025-7972	0.1%	28.6th	9.1	This vulnerability allows attackers to bypass FTSP token validation in FactoryTalk Linx Network Brow
2218	CVE-2025-58083	0.1%	28.6th	10.0	The General Industrial Controls Lynx+ Gateway has a critical authentication bypass vulnerability in
2219	CVE-2025-65319	0.1%	28.5th	9.1	This vulnerability in Blue Mail allows attackers to bypass Windows and third-party security protecti
2220	CVE-2025-65318	0.1%	28.5th	9.1	Canary Mail versions 5.1.40 and below fail to apply Mark-of-the-Web (MOTW) tags to downloaded attach
2221	CVE-2025-13888	0.1%	28.5th	9.1	This vulnerability allows authenticated namespace administrators in OpenShift GitOps to create ArgoC
2222	CVE-2025-13836	0.1%	28.6th	9.1	This vulnerability in Python's HTTP client libraries allows a malicious server to cause denial-of-se
2223	CVE-2024-8855	0.1%	28.5th	9.8	This SQL injection vulnerability in the WordPress Auction Plugin allows authenticated users with edi
2224	CVE-2024-13152	0.1%	28.4th	10.0	This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at
2225	CVE-2024-12016	0.1%	28.4th	9.8	This SQL injection vulnerability in CM Informatics CM News allows attackers to execute arbitrary SQL
2226	CVE-2024-8997	0.1%	28.4th	9.8	This SQL injection vulnerability in Vestel EVC04 Configuration Interface allows attackers to execute
2227	CVE-2024-12144	0.1%	28.4th	9.8	This SQL injection vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows attackers
2228	CVE-2024-12097	0.1%	28.4th	9.8	This SQL injection vulnerability in Boceksoft Informatics E-Travel allows attackers to execute arbit
2229	CVE-2025-26136	0.1%	28.4th	9.8	A SQL injection vulnerability in mysiteforme allows attackers to execute arbitrary SQL commands on t
2230	CVE-2025-1875	0.1%	28.4th	9.8	CVE-2025-1875 is a critical SQL injection vulnerability in 101news version 1.0 that allows attackers
2231	CVE-2025-1873	0.1%	28.4th	9.8	A critical SQL injection vulnerability exists in 101news CMS version 1.0 through the 'pagetitle' and
2232	CVE-2025-1871	0.1%	28.4th	9.8	A SQL injection vulnerability in 101news version 1.0 allows attackers to execute arbitrary SQL comma
2233	CVE-2025-1869	0.1%	28.4th	9.8	A SQL injection vulnerability in 101news version 1.0 allows attackers to execute arbitrary SQL comma
2234	CVE-2025-26846	0.1%	28.3th	9.8	A missing authorization vulnerability in Znuny's Generic Interface allows attackers to modify ticket
2235	CVE-2025-9287	0.1%	28.4th	9.1	CVE-2025-9287 is an improper input validation vulnerability in the cipher-base npm package that allo
2236	CVE-2025-54592	0.1%	28.4th	9.8	FreshRSS versions 1.26.3 and below have a session management vulnerability where logout doesn't prop
2237	CVE-2025-58764	0.1%	28.5th	9.8	CVE-2025-58764 is a command injection vulnerability in Claude Code that allows bypassing the confirm
2238	CVE-2025-61929	0.1%	28.3th	9.6	CVE-2025-61929 is a critical remote code execution vulnerability in Cherry Studio's custom protocol
2239	CVE-2025-10283	0.1%	28.4th	9.6	CVE-2025-10283 is a path traversal vulnerability in BBOT's gitdumper module that allows remote code
2240	CVE-2025-65041	0.1%	28.5th	10.0	CVE-2025-65041 is an improper authorization vulnerability in Microsoft Partner Center that allows un
2241	CVE-2026-23841	0.1%	28.5th	9.3	CVE-2026-23841 is a cross-site scripting (XSS) vulnerability in Movary web application versions prio
2242	CVE-2022-50926	0.1%	28.3th	9.8	This vulnerability in WAGO 750-8212 PFC200 G2 2ETH RS firmware allows attackers to escalate privileg
2243	CVE-2025-45953	0.1%	28.2th	9.1	A session hijacking vulnerability in PHPGurukul Hostel Management System 2.1 allows attackers to ste
2244	CVE-2025-28104	0.1%	28.2th	9.1	An incorrect access control vulnerability in flaskBlog v2.6.1 allows unauthenticated attackers to re
2245	CVE-2025-49457	0.1%	28.2th	9.6	This vulnerability allows an unauthenticated attacker on the same network to escalate privileges on
2246	CVE-2025-5095	0.1%	28.3th	9.8	CVE-2025-5095 is an authentication bypass vulnerability in Burk Technology ARC Solo devices that all
2247	CVE-2025-64721	0.1%	28.1th	10.0	This vulnerability in Sandboxie allows sandboxed processes to exploit an integer overflow in the Sbi
2248	CVE-2026-25520	0.1%	28.2th	10.0	SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers
2249	CVE-2025-32985	0.1%	28th	9.8	NETSCOUT nGeniusONE versions before 6.4.0 b2350 contain hardcoded credentials within JAR files that
2250	CVE-2025-4144	0.1%	28th	9.8	This vulnerability allows attackers to bypass PKCE (Proof Key for Code Exchange) protection in the w

← Previous Page 45 of 70 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free