Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary
2301 | CVE-2025-15521 | 0.1% | 27th | 9.8 | This vulnerability allows unauthenticated attackers to change any user's password in the Academy LMS
2302 | CVE-2025-64090 | 0.1% | 27th | 10.0 | This vulnerability allows authenticated attackers to execute arbitrary commands on affected devices
2303 | CVE-2026-25526 | 0.1% | 27th | 9.8 | CVE-2026-25526 is a critical vulnerability in JinJava template engine that allows attackers to bypas
2304 | CVE-2025-53004 | 0.1% | 26.9th | 9.8 | This vulnerability allows attackers to bypass security controls in DataEase's Redshift JDBC connecti
2305 | CVE-2025-53005 | 0.1% | 26.9th | 9.8 | This vulnerability allows attackers to bypass security controls in DataEase's PostgreSQL data source
2306 | CVE-2025-6440 | 0.1% | 26.8th | 9.8 | The WooCommerce Designer Pro plugin for WordPress has an unauthenticated arbitrary file upload vulne
2307 | CVE-2025-9152 | 0.1% | 26.8th | 9.8 | This vulnerability allows unauthenticated attackers to generate administrative access tokens in WSO2
2308 | CVE-2020-36852 | 0.1% | 26.7th | 9.1 | This vulnerability in the WordPress Custom Searchable Data Entry System plugin allows unauthenticate
2309 | CVE-2025-65276 | 0.1% | 26.8th | 9.8 | This vulnerability allows unauthenticated attackers to directly access the administrative dashboard
2310 | CVE-2025-64762 | 0.1% | 26.8th | 9.1 | The AuthKit library for Next.js versions 2.11.0 and below fails to apply anti-caching headers to aut
2311 | CVE-2025-64755 | 0.1% | 26.7th | 9.8 | CVE-2025-64755 is a critical vulnerability in Claude Code versions before 2.0.31 that allows attacke
2312 | CVE-2025-30524 | 0.1% | 26.7th | 9.3 | This SQL injection vulnerability in the origincode Product Catalog WordPress plugin allows attackers
2313 | CVE-2025-28942 | 0.1% | 26.7th | 9.3 | This SQL injection vulnerability in the Trust Payments Gateway for WooCommerce plugin allows attacke
2314 | CVE-2025-26941 | 0.1% | 26.7th | 9.3 | This SQL injection vulnerability in the Church Admin WordPress plugin allows attackers to execute ar
2315 | CVE-2025-32980 | 0.1% | 26.7th | 9.8 | NETSCOUT nGeniusONE before version 6.4.0 P11 b3245 has a weak sudo configuration that allows local u
2316 | CVE-2025-43859 | 0.1% | 26.6th | 9.1 | CVE-2025-43859 is an HTTP request smuggling vulnerability in the h11 Python library's parsing of chu
2317 | CVE-2025-2421 | 0.1% | 26.7th | 9.8 | This critical code injection vulnerability in Profelis Informatics SambaBox allows attackers to exec
2318 | CVE-2025-7343 | 0.1% | 26.6th | 9.8 | This SQL injection vulnerability in Digiwin's SFT software allows unauthenticated remote attackers t
2319 | CVE-2025-27845 | 0.1% | 26.6th | 9.8 | ESPEC North America Web Controller 3 versions before 3.3.4 expose JWT secrets when receiving invalid
2320 | CVE-2025-34198 | 0.1% | 26.5th | 9.8 | Vasion Print (formerly PrinterLogic) appliances use the same hardcoded SSH host private keys across
2321 | CVE-2025-61235 | 0.1% | 26.6th | 9.1 | CVE-2025-61235 is an authentication bypass vulnerability in Dataphone A920 devices where specially c
2322 | CVE-2025-62353 | 0.1% | 26.6th | 9.8 | A path traversal vulnerability in Windsurf IDE allows attackers to read and write arbitrary files on
2323 | CVE-2025-12421 | 0.1% | 26.7th | 9.9 | This vulnerability allows authenticated Mattermost users to perform account takeover by exploiting a
2324 | CVE-2025-12419 | 0.1% | 26.7th | 9.9 | This vulnerability allows authenticated attackers with team creation privileges to take over user ac
2325 | CVE-2025-68435 | 0.1% | 26.5th | 9.1 | Zerobyte backup automation tool versions before 0.18.5 and 0.19.0 have an authentication bypass vuln
2326 | CVE-2025-32576 | 0.09% | 26.2th | 9.6 | A Cross-Site Request Forgery (CSRF) vulnerability in the WP shop WordPress plugin allows attackers t
2327 | CVE-2025-32496 | 0.09% | 26.2th | 9.6 | A Cross-Site Request Forgery (CSRF) vulnerability in the Ultra Demo Importer WordPress plugin allows
2328 | CVE-2025-47952 | 0.09% | 26.2th | 9.1 | This vulnerability in Traefik allows attackers to bypass router path matching rules by using URL-enc
2329 | CVE-2025-48749 | 0.09% | 26.5th | 9.1 | Netwrix Directory Manager (formerly Imanami GroupID) versions 11.0.0.0 and earlier, and versions aft
2330 | CVE-2025-46490 | 0.09% | 26.2th | 9.9 | This vulnerability allows attackers to upload arbitrary files, including web shells, to web servers
2331 | CVE-2025-35996 | 0.09% | 26.4th | 9.0 | KUNBUS PiCtory versions 2.11.1 and earlier contain a stored cross-site scripting (XSS) vulnerability
2332 | CVE-2025-40914 | 0.09% | 26.3th | 9.8 | CVE-2025-40914 is an integer overflow vulnerability in Perl CryptX's embedded libtommath library tha
2333 | CVE-2025-49001 | 0.09% | 26.5th | 9.8 | CVE-2025-49001 is a critical authentication bypass vulnerability in DataEase where JWT token secret
2334 | CVE-2025-54946 | 0.09% | 26.4th | 9.8 | A SQL injection vulnerability in SUNNET Corporate Training Management System allows remote attackers
2335 | CVE-2025-59545 | 0.09% | 26.2th | 9.0 | This vulnerability in DNN's Prompt module allows attackers to execute arbitrary scripts through mali
2336 | CVE-2025-10738 | 0.09% | 26.2th | 9.8 | This SQL injection vulnerability in the URL Shortener Plugin For WordPress allows unauthenticated at
2337 | CVE-2026-24132 | 0.09% | 26.5th | 9.8 | Orval versions 7.19.0 and below and 8.0.0-rc.0 through 8.0.2 contain a code injection vulnerability
2338 | CVE-2025-51958 | 0.09% | 26.4th | 9.8 | CVE-2025-51958 is a critical remote code execution vulnerability in the aelsantex runcommand plugin
2339 | CVE-2024-1509 | 0.09% | 26.2th | 9.1 | Brocade ASCG web interface versions before 3.2.0 lack HTTP Strict Transport Security (HSTS) enforcem
2340 | CVE-2025-22699 | 0.09% | 26.1th | 9.0 | This SQL injection vulnerability in the Traveler Code WordPress plugin allows unauthenticated attack
2341 | CVE-2025-30132 | 0.09% | 26.2th | 9.1 | IROAD Dashcam V devices use an unregistered public domain name for internal communication, creating
2342 | CVE-2025-26844 | 0.09% | 26.1th | 9.8 | This vulnerability in Znuny (formerly OTRS) allows attackers to steal session cookies via cross-site
2343 | CVE-2025-43209 | 0.09% | 26.1th | 9.8 | This is a critical out-of-bounds memory access vulnerability in Apple's Safari browser across multip
2344 | CVE-2025-30135 | 0.09% | 26.1th | 9.4 | IROAD Dashcam FX2 devices lack authentication on HTTP and RTSP interfaces, allowing attackers to dow
2345 | CVE-2025-55398 | 0.09% | 26.1th | 9.8 | A vulnerability in mouse07410 asn1c through version 0.9.29 allows attackers to bypass INTEGER constr
2346 | CVE-2025-50171 | 0.09% | 26.1th | 9.1 | This vulnerability allows unauthorized attackers to perform spoofing attacks against Remote Desktop
2347 | CVE-2025-53792 | 0.09% | 26.1th | 9.1 | This is an elevation of privilege vulnerability in Azure Portal that allows authenticated users to g
2348 | CVE-2025-54807 | 0.09% | 26.1th | 9.8 | CVE-2025-54807 allows attackers to bypass authentication by using a hardcoded secret key found in de
2349 | CVE-2025-8077 | 0.09% | 26.1th | 9.8 | NeuVector container security platform versions up to 5.4.5 use a hardcoded default password for the
2350 | CVE-2024-43166 | 0.09% | 26.1th | 9.8 | Apache DolphinScheduler versions before 3.2.2 have incorrect default permissions that could allow un

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
