Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2251 | CVE-2025-22238 | | 33.7th | 4.2 | | This CVE describes a directory traversal vulnerability in SaltStack's master cache creation that all |
| 2252 | CVE-2025-7901 | | 33.6th | 4.3 | | This vulnerability allows attackers to inject malicious scripts via the configUrl parameter in Swagg |
| 2253 | CVE-2025-66115 | | 33.6th | 6.6 | | This vulnerability allows attackers to include local files on the server through improper filename c |
| 2254 | CVE-2025-42884 | | 33.6th | 6.5 | | SAP NetWeaver Enterprise Portal has a JNDI injection vulnerability that allows unauthenticated attac |
| 2255 | CVE-2025-13624 | | 33.6th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts via the PHP_SELF par |
| 2256 | CVE-2025-14151 | | 33.6th | 6.1 | | The SlimStat Analytics WordPress plugin has a stored XSS vulnerability that allows unauthenticated a |
| 2257 | CVE-2025-68390 | | 33.7th | 4.9 | | This vulnerability allows authenticated Elasticsearch users with snapshot restore privileges to caus |
| 2258 | CVE-2025-13861 | | 33.6th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress admin |
| 2259 | CVE-2025-23408 | | 33.7th | 6.5 | | Apache Fineract versions through 1.10.1 have weak password requirements that allow attackers to set |
| 2260 | CVE-2025-14049 | | 33.6th | 6.1 | | This vulnerability allows unauthenticated attackers to execute reflected cross-site scripting (XSS) |
| 2261 | CVE-2025-14137 | | 33.6th | 6.1 | | The Simple AL Slider WordPress plugin has a reflected cross-site scripting (XSS) vulnerability that |
| 2262 | CVE-2025-14129 | | 33.6th | 6.1 | | The Like DisLike Voting WordPress plugin contains a reflected cross-site scripting (XSS) vulnerabili |
| 2263 | CVE-2025-14225 | | 33.6th | 6.3 | | This vulnerability allows remote attackers to execute arbitrary commands on D-Link DCS-930L IP camer |
| 2264 | CVE-2025-13893 | | 33.6th | 6.1 | | The Lesson Plan Book WordPress plugin has a reflected cross-site scripting vulnerability that allows |
| 2265 | CVE-2025-14131 | | 33.6th | 6.1 | | The WP Widget Changer WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability |
| 2266 | CVE-2025-47208 | | 33.7th | 6.5 | | This CVE describes a resource exhaustion vulnerability in QNAP operating systems where authenticated |
| 2267 | CVE-2023-37035 | | 33.5th | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 2268 | CVE-2023-37025 | | 33.5th | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad |
| 2269 | CVE-2024-49782 | | 33.5th | 6.8 | | This vulnerability in IBM OpenPages with Watson allows attackers to spoof mail server identity when |
| 2270 | CVE-2025-22645 | | 33.6th | 5.3 | | This vulnerability allows attackers to bypass CAPTCHA protection and perform unlimited password brut |
| 2271 | CVE-2025-22602 | | 33.6th | 6.5 | | This vulnerability allows attackers to execute arbitrary JavaScript in users' browsers by posting ma |
| 2272 | CVE-2024-56328 | | 33.6th | 6.5 | | This CVE allows attackers to execute arbitrary JavaScript in users' browsers by posting malicious on |
| 2273 | CVE-2025-24972 | | 33.5th | 4.3 | | Discourse users who disabled direct messaging in their preferences could still be added to group dir |
| 2274 | CVE-2024-58109 | | 33.5th | 4.6 | | A buffer overflow vulnerability exists in the codec module that could allow attackers to crash affec |
| 2275 | CVE-2025-4552 | | 33.5th | 5.4 | | This vulnerability in ContiNew Admin allows unauthenticated attackers to remotely reset the super ad |
| 2276 | CVE-2025-11139 | | 33.5th | 6.3 | | This is a path traversal vulnerability in Bjskzy Zhiyou ERP that allows attackers to manipulate file |
| 2277 | CVE-2025-9029 | | 33.5th | 4.3 | | This vulnerability allows unauthenticated attackers to submit feedback data to external services via |
| 2278 | CVE-2025-36917 | | 33.5th | 6.5 | | This vulnerability in SwDcpItg of up_L2commonPdcpSecurity.cpp allows remote attackers to cause denia |
| 2279 | CVE-2025-36912 | | 33.5th | 6.5 | | This vulnerability in cellular modem firmware allows remote attackers to cause denial of service wit |
| 2280 | CVE-2025-23529 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the Blokhaus Minterpress WordPress plugi |
| 2281 | CVE-2025-24580 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WordPress 12 Step Meeting List plugi |
| 2282 | CVE-2024-5872 | | 33.4th | 6.5 | | This vulnerability in Arista EOS allows specially crafted packets with incorrect VLAN tags to be inc |
| 2283 | CVE-2024-13252 | | 33.4th | 5.4 | | This Cross-Site Scripting (XSS) vulnerability in Drupal TacJS allows attackers to inject malicious s |
| 2284 | CVE-2024-13245 | | 33.4th | 5.4 | | This vulnerability allows attackers to inject malicious scripts into web pages through the CKEditor |
| 2285 | CVE-2024-13237 | | 33.4th | 5.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in Drupal's File Entity module that al |
| 2286 | CVE-2024-12464 | | 33.4th | 6.4 | | The Chatroll Live Chat WordPress plugin has a stored XSS vulnerability in versions up to 2.5.0. Auth |
| 2287 | CVE-2024-11383 | | 33.4th | 6.4 | | The CC Canadian Mortgage Calculator WordPress plugin has a stored cross-site scripting vulnerability |
| 2288 | CVE-2025-23534 | | 33.4th | 6.5 | | CVE-2025-23534 is a missing authorization vulnerability in the WPLingo WordPress plugin that allows |
| 2289 | CVE-2025-23527 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WC Wallet WordPress plugin that allo |
| 2290 | CVE-2025-29790 | | 33.4th | 5.4 | | This vulnerability allows attackers to upload malicious SVG files containing cross-site scripting (X |
| 2291 | CVE-2025-1944 | | 33.4th | 6.5 | | CVE-2025-1944 is a ZIP archive manipulation vulnerability in picklescan versions before 0.0.23 that |
| 2292 | CVE-2025-23613 | | 33.4th | 6.5 | | This vulnerability allows unauthorized users to access functionality intended only for authenticated |
| 2293 | CVE-2025-23515 | | 33.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the ts-tree WordPress plugin that allows |
| 2294 | CVE-2023-7088 | | 33.4th | 5.4 | | This vulnerability in the Add SVG Support for Media Uploader WordPress plugin allows users with Auth |
| 2295 | CVE-2025-5497 | | 33.4th | 6.3 | | This vulnerability allows remote attackers to execute arbitrary code through deserialization of untr |
| 2296 | CVE-2025-42886 | | 33.4th | 6.1 | | This is a reflected cross-site scripting (XSS) vulnerability in SAP Business Connector that allows u |
| 2297 | CVE-2025-53592 | | 33.4th | 6.5 | | A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attac |
| 2298 | CVE-2025-44013 | | 33.4th | 6.5 | | A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attac |
| 2299 | CVE-2025-0753 | | 33.3th | 6.3 | | A critical heap-based buffer overflow vulnerability in Axiomatic Bento4's mp42aac component allows r |
| 2300 | CVE-2025-24782 | | 33.3th | 6.5 | | This vulnerability allows attackers to include local files on the server through improper filename c |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.