Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means FIRST's model estimates a greater likelihood that exploitation activity will be observed in the wild within the next 30 days; the percentile column is the CVE's position relative to every scored CVE. This page covers ranks 2201 to 2250: every row carries a 0.14% score at roughly the 34th percentile, far below the EPSS > 50% band counted in the summary figures. Summaries are truncated at a fixed width as captured.

Summary figures:
164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
| Rank | CVE ID | EPSS | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2201 | CVE-2025-57705 | 0.14% | 34.2 | 4.9 | | This CVE describes a resource allocation vulnerability in QNAP operating systems where an authentica |
| 2202 | CVE-2025-22888 | 0.14% | 34.1 | 5.4 | | Movable Type's MT Block Editor has a stored XSS vulnerability in the custom block edit page. Attacke |
| 2203 | CVE-2024-13374 | 0.14% | 34.1 | 4.3 | | The WP Table Manager WordPress plugin has an authorization vulnerability that allows authenticated u |
| 2204 | CVE-2024-39311 | 0.14% | 34.1 | 5.4 | | This vulnerability allows a publisher user in Publify to perform cross-site scripting (XSS) attacks |
| 2205 | CVE-2025-30366 | 0.14% | 34.1 | 5.4 | | WeGIA versions before 3.2.8 have a stored cross-site scripting vulnerability that allows attackers t |
| 2206 | CVE-2024-41447 | 0.14% | 34.1 | 5.4 | | This stored XSS vulnerability in Alkacon OpenCMS v17.0 allows attackers to inject malicious scripts |
| 2207 | CVE-2024-40069 | 0.14% | 34.1 | 5.4 | | This vulnerability allows attackers to inject malicious scripts into the Online ID Generator System |
| 2208 | CVE-2024-46494 | 0.14% | 34.1 | 5.4 | | This cross-site scripting vulnerability in Typecho v1.2.1 allows attackers to inject malicious scrip |
| 2209 | CVE-2025-0246 | 0.14% | 34.0 | 6.5 | | This vulnerability allows an attacker to spoof the address bar in Firefox on Android by using an inv |
| 2210 | CVE-2024-12532 | 0.14% | 33.9 | 4.3 | | The BWD Elementor Addons WordPress plugin exposes sensitive template data including private, pending |
| 2211 | CVE-2024-12538 | 0.14% | 33.9 | 4.3 | | The Duplicate Post WordPress plugin allows authenticated users with Contributor-level access or high |
| 2212 | CVE-2023-46628 | 0.14% | 34.0 | 4.3 | | This CVE describes a Missing Authorization vulnerability in the WP Word Count WordPress plugin that |
| 2213 | CVE-2020-13481 | 0.14% | 34.1 | 6.1 | | This CVE describes a cross-site scripting (XSS) vulnerability in certain Lexmark printer products th |
| 2214 | CVE-2025-25473 | 0.14% | 34.0 | 5.3 | | A memory leak vulnerability exists in FFmpeg's avformat_free_context function, which fails to proper |
| 2215 | CVE-2025-1780 | 0.14% | 34.1 | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to mo |
| 2216 | CVE-2025-22037 | 0.14% | 33.9 | 5.5 | | A null pointer dereference vulnerability in the Linux kernel's ksmbd SMB server allows attackers to |
| 2217 | CVE-2025-46096 | 0.14% | 34.0 | 6.1 | | A directory traversal vulnerability in Solon v3.1.2 allows remote attackers to conduct cross-site sc |
| 2218 | CVE-2025-65501 | 0.14% | 34.0 | 4.3 | | A null pointer dereference vulnerability in libcoap's DTLS handshake processing allows remote attack |
| 2219 | CVE-2025-65500 | 0.14% | 34.0 | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS cookie generation function allows re |
| 2220 | CVE-2025-65498 | 0.14% | 34.0 | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS implementation allows remote attacke |
| 2221 | CVE-2025-65497 | 0.14% | 34.0 | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS cookie generation function allows re |
| 2222 | CVE-2025-65496 | 0.14% | 34.0 | 4.3 | | A NULL pointer dereference vulnerability in OISM libcoap's DTLS implementation allows remote attacke |
| 2223 | CVE-2025-14466 | 0.14% | 34.0 | 5.3 | | An unauthenticated attacker can send specially-crafted HTTP requests to the web interface of Güralp |
| 2224 | CVE-2025-14166 | 0.14% | 34.0 | 5.3 | | The WPMasterToolkit WordPress plugin allows authenticated users with Contributor-level access or hig |
| 2225 | CVE-2025-63529 | 0.14% | 34.1 | 6.1 | | A session fixation vulnerability in Blood Bank Management System 1.0 allows attackers to hijack user |
| 2226 | CVE-2025-53596 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2227 | CVE-2025-53590 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2228 | CVE-2025-53589 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2229 | CVE-2025-53414 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2230 | CVE-2025-53405 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2231 | CVE-2025-52431 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2232 | CVE-2025-52430 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2233 | CVE-2025-52426 | 0.14% | 34.0 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 2234 | CVE-2024-13370 | 0.14% | 33.9 | 6.5 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to up |
| 2235 | CVE-2024-13134 | 0.14% | 33.8 | 6.3 | | This critical vulnerability in ZeroWdd studentmanager 1.0 allows remote attackers to upload arbitrar |
| 2236 | CVE-2025-0719 | 0.14% | 33.8 | 6.1 | | IBM Cloud Pak for Data versions 4.0.0 through 4.8.5 and 5.0.0 contain a cross-site scripting (XSS) v |
| 2237 | CVE-2024-13439 | 0.14% | 33.9 | 4.3 | | The Team – Team Members Showcase Plugin for WordPress has a missing capability check in its respon |
| 2238 | CVE-2025-26157 | 0.14% | 33.9 | 5.9 | | A SQL injection vulnerability in the Beauty Parlour Management System V1.1 allows remote attackers t |
| 2239 | CVE-2025-3018 | 0.14% | 33.9 | 6.3 | | This critical SQL injection vulnerability in SourceCodester Online Eyewear Shop 1.0 allows attackers |
| 2240 | CVE-2024-55594 | 0.14% | 33.9 | 5.6 | | CVE-2024-55594 is an improper input validation vulnerability in Fortinet FortiWeb web application fi |
| 2241 | CVE-2023-42784 | 0.14% | 33.9 | 5.6 | | CVE-2023-42784 is an improper input validation vulnerability in Fortinet FortiWeb web application fi |
| 2242 | CVE-2025-0071 | 0.14% | 33.8 | 4.9 | | SAP Web Dispatcher and Internet Communication Manager allow administrators to enable debugging trace |
| 2243 | CVE-2025-3211 | 0.14% | 33.9 | 6.3 | | A critical SQL injection vulnerability in code-projects Patient Record Management System 1.0 allows |
| 2244 | CVE-2025-3207 | 0.14% | 33.9 | 6.3 | | This critical SQL injection vulnerability in Patient Record Management System 1.0 allows remote atta |
| 2245 | CVE-2025-11372 | 0.14% | 33.8 | 6.5 | | This vulnerability in the LearnPress WordPress LMS plugin allows unauthenticated attackers to perfor |
| 2246 | CVE-2025-65499 | 0.14% | 33.9 | 4.3 | | An array index error in OISM libcoap's TLS verification callback allows remote attackers to cause de |
| 2247 | CVE-2025-25204 | 0.14% | 33.7 | 6.3 | | A bug in GitHub's CLI tool `gh` causes the `gh attestation verify` command to incorrectly return a z |
| 2248 | CVE-2025-25872 | 0.14% | 33.7 | 5.5 | | A privilege escalation vulnerability in Open Panel v0.3.4 allows remote attackers to gain elevated p |
| 2249 | CVE-2025-1551 | 0.14% | 33.6 | 6.1 | | IBM Operational Decision Manager versions 8.11.0.1 through 9.0.0.1 contain a cross-site scripting vu |
| 2250 | CVE-2025-45729 | 0.14% | 33.6 | 6.3 | | D-Link DIR-823-Pro router firmware version 1.02 has improper permission control that allows unauthor |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that exploitation activity for a CVE will be observed in the wild within the next 30 days. Scores are recomputed daily, so the values on this page are a snapshot, not a fixed property of the CVE. Unlike CVSS, which measures severity and impact, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first. The percentile shown next to each score is the share of all scored CVEs whose EPSS is at or below that value; a CVE at the 34th percentile sits in the lower half of the distribution regardless of its CVSS rating.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be exploited rather than patching solely by CVSS score. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. EPSS is a probability, not a measure of impact: combine it with CISA KEV membership (confirmed exploitation) and with the exposure and criticality of the affected asset before setting patch deadlines.
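The prioritization rule described above, as an added example that is not code from this page or from FIRST. It parses text laid out like FIRST's daily EPSS CSV feed (a leading `#model_version:` comment line followed by a `cve,epss,percentile` header, with scores and percentiles as fractions of 1), joins it with per-CVE CVSS scores and CISA KEV membership, and orders findings with KEV first, then EPSS, then CVSS as a tie-break. The CVE IDs, scores, KEV flags and triage thresholds are constructed for the example and are assumptions, not real feed data or a FIRST recommendation.

```python
"""Rank vulnerabilities by exploit likelihood rather than CVSS severity.

Added example, not the page's or FIRST's code. The feed text below is
constructed in the shape of FIRST's epss_scores-YYYY-MM-DD.csv; the
CVSS values, KEV set and triage thresholds are assumptions for the demo.
"""
import csv
from dataclasses import dataclass

# Constructed sample feed: comment line, header, then cve,epss,percentile rows.
EPSS_FEED = """\
#model_version:v2025.03.14,score_date:2025-01-01T00:00:00+0000
cve,epss,percentile
CVE-2000-0001,0.00100,0.25000
CVE-2000-0002,0.90000,0.99800
CVE-2000-0003,0.00140,0.34000
CVE-2000-0004,0.45000,0.97500
"""

# Constructed CVSS base scores and KEV membership for the same IDs (assumed).
CVSS = {"CVE-2000-0001": 9.8, "CVE-2000-0002": 7.5,
        "CVE-2000-0003": 4.3, "CVE-2000-0004": 5.5}
KEV = {"CVE-2000-0004"}


@dataclass
class Finding:
    cve: str
    epss: float        # probability of exploitation activity in the next 30 days
    percentile: float  # share of scored CVEs with an EPSS at or below this one
    cvss: float
    in_kev: bool


def parse_epss_feed(text: str) -> dict[str, tuple[float, float]]:
    """Return {cve: (epss, percentile)} from EPSS CSV text, skipping '#' comment lines."""
    rows = (line for line in text.splitlines() if line and not line.startswith("#"))
    reader = csv.DictReader(rows)
    return {r["cve"]: (float(r["epss"]), float(r["percentile"])) for r in reader}


def build_findings(feed: str, cvss: dict[str, float], kev: set[str]) -> list[Finding]:
    """Join EPSS scores with CVSS and KEV data; unknown CVSS defaults to 0.0."""
    scores = parse_epss_feed(feed)
    return [Finding(cve, e, p, cvss.get(cve, 0.0), cve in kev)
            for cve, (e, p) in scores.items()]


def priority_key(f: Finding) -> tuple:
    """Sort key: KEV entries first, then EPSS descending, then CVSS descending."""
    return (not f.in_kev, -f.epss, -f.cvss)


def rank(findings: list[Finding]) -> list[str]:
    """CVE IDs in patch order."""
    return [f.cve for f in sorted(findings, key=priority_key)]


def triage_bucket(f: Finding, epss_threshold: float = 0.10) -> str:
    """SLA bucket; the 10% EPSS and 9.0 CVSS cut-offs are assumptions for this example."""
    if f.in_kev:
        return "patch-now"          # confirmed exploitation, regardless of CVSS
    if f.epss >= epss_threshold:
        return "patch-this-cycle"   # strong exploitation signal
    if f.cvss >= 9.0:
        return "review"             # severe on paper, no exploitation signal yet
    return "backlog"


if __name__ == "__main__":
    for f in sorted(build_findings(EPSS_FEED, CVSS, KEV), key=priority_key):
        print(f"{f.cve}  epss={f.epss:.2%}  pct={f.percentile:.1%}  "
              f"cvss={f.cvss}  kev={f.in_kev}  -> {triage_bucket(f)}")
```

Run as-is to see the CVSS 9.8 / 0.1% EPSS entry land in the review bucket behind the CVSS 7.5 / 90% EPSS entry; swap `EPSS_FEED` for the real daily CSV from FIRST and fill `CVSS` and `KEV` from your scanner and the KEV catalog to use it on live data.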

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
