Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | EPSS Percentile | CVSS | Flags | Summary
--- | --- | --- | --- | --- | --- | ---
2301 | CVE-2025-24361 | 0.13% | 33.3 | 5.3 | | This vulnerability allows attackers to steal source code from Nuxt applications during development w
2302 | CVE-2025-21554 | 0.13% | 33.3 | 5.3 | | An unauthenticated attacker can exploit this vulnerability via HTTP to read sensitive data from Orac
2303 | CVE-2025-0441 | 0.13% | 33.2 | 6.5 | | This vulnerability in Google Chrome's Fenced Frames implementation allows attackers to extract poten
2304 | CVE-2024-37925 | 0.13% | 33.3 | 5.4 | | This CSRF vulnerability in BuddyBoss Theme allows attackers to trick authenticated users into perfor
2305 | CVE-2024-37438 | 0.13% | 33.3 | 5.4 | | A Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Toolkit Pro for LearnDash WordPress plu
2306 | CVE-2024-37508 | 0.13% | 33.2 | 4.3 | | This CSRF vulnerability in the Rara Theme Construction Landing Page WordPress theme allows attackers
2307 | CVE-2025-23405 | 0.13% | 33.2 | 5.3 | | This vulnerability involves improper output neutralization for logs (CWE-117) in DarioHealth medical
2308 | CVE-2023-51305 | 0.13% | 33.1 | 5.4 | | PHPJabbers Car Park Booking System v3.0 contains multiple stored cross-site scripting vulnerabilitie
2309 | CVE-2025-28096 | 0.13% | 33.3 | 5.4 | | OneNav 1.1.0 contains a Server-Side Request Forgery (SSRF) vulnerability in custom headers functiona
2310 | CVE-2025-54101 | 0.13% | 33.2 | 4.8 | | A use-after-free vulnerability in Windows SMBv3 Client allows authenticated attackers to execute arb
2311 | CVE-2025-12450 | 0.13% | 33.2 | 6.1 | | The LiteSpeed Cache WordPress plugin has a reflected cross-site scripting vulnerability that allows
2312 | CVE-2025-12017 | 0.13% | 33.2 | 6.1 | | The VNPAY Payment gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS)
2313 | CVE-2025-9163 | 0.13% | 33.2 | 6.1 | | The Houzez WordPress theme allows unauthenticated attackers to upload malicious SVG files containing
2314 | CVE-2025-11885 | 0.13% | 33.2 | 6.1 | | The EchBay Admin Security WordPress plugin is vulnerable to reflected cross-site scripting (XSS) via
2315 | CVE-2025-12079 | 0.13% | 33.2 | 6.1 | | The WP Twitter Auto Publish WordPress plugin contains a reflected cross-site scripting (XSS) vulnera
2316 | CVE-2025-12078 | 0.13% | 33.2 | 6.1 | | The ArtiBot Free Chat Bot plugin for WordPress has a reflected cross-site scripting vulnerability vi
2317 | CVE-2025-61623 | 0.13% | 33.2 | 6.5 | | This CVE describes a reflected cross-site scripting (XSS) vulnerability in Apache OFBiz that allows
2318 | CVE-2025-12193 | 0.13% | 33.2 | 6.1 | | The Mang Board WP plugin for WordPress has a reflected cross-site scripting (XSS) vulnerability in t
2319 | CVE-2025-12064 | 0.13% | 33.2 | 6.1 | | The WP2Social Auto Publish WordPress plugin contains a reflected cross-site scripting (XSS) vulnerab
2320 | CVE-2025-11263 | 0.13% | 33.2 | 6.1 | | The Link Whisper Free WordPress plugin contains a reflected cross-site scripting vulnerability that
2321 | CVE-2026-20026 | 0.13% | 33.3 | 5.8 | | This vulnerability in Cisco products allows unauthenticated remote attackers to cause Snort 3 Detect
2322 | CVE-2024-13561 | 0.13% | 33.1 | 6.4 | | This stored XSS vulnerability in the Target Video Easy Publish WordPress plugin allows authenticated
2323 | CVE-2024-52327 | 0.13% | 33.1 | 6.5 | | This vulnerability allows authenticated attackers to bypass the PIN protection on ECOVACS robot lawn
2324 | CVE-2022-23439 | 0.13% | 33 | 4.7 | | This vulnerability allows attackers to poison web caches by sending crafted HTTP requests with malic
2325 | CVE-2023-37027 | 0.13% | 33 | 6.5 | | A null pointer dereference vulnerability in Magma's Mobile Management Entity (MME) allows network-ad
2326 | CVE-2024-11870 | 0.13% | 33.1 | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i
2327 | CVE-2025-0053 | 0.13% | 33.1 | 5.3 | | SAP NetWeaver Application Server for ABAP and ABAP Platform contains an information disclosure vulne
2328 | CVE-2024-12217 | 0.13% | 33 | 5.3 | | This vulnerability in the gradio-app/gradio repository allows attackers to bypass file access restri
2329 | CVE-2024-10321 | 0.13% | 33 | 4.3 | | This vulnerability in the WidgetKit plugin for WordPress allows authenticated users with Contributor
2330 | CVE-2025-31285 | 0.13% | 33.1 | 4.6 | | A broken access control vulnerability in Trend Vision One allowed administrators to create users who
2331 | CVE-2025-31283 | 0.13% | 33.1 | 4.6 | | A broken access control vulnerability in Trend Vision One User Roles allowed administrators to creat
2332 | CVE-2025-29521 | 0.13% | 33.1 | 5.3 | | D-Link DSL-7740C routers with vulnerable firmware have insecure default credentials for the Administ
2333 | CVE-2013-10072 | 0.13% | 33.1 | 6.5 | | Nagios XI versions before 2012R1.6 have an authorization flaw in Auto-Discovery functionality. Users
2334 | CVE-2023-47692 | 0.13% | 32.9 | 4.3 | | This CVE describes a Missing Authorization vulnerability in Flothemes Flo Forms WordPress plugin tha
2335 | CVE-2023-46612 | 0.13% | 32.9 | 4.3 | | This CVE describes a Missing Authorization vulnerability in the codedrafty Mediabay WordPress plugin
2336 | CVE-2023-45110 | 0.13% | 32.9 | 4.3 | | This CVE describes a missing authorization vulnerability in the Bold Timeline Lite WordPress plugin
2337 | CVE-2023-51327 | 0.13% | 32.9 | 6.5 | | This vulnerability allows attackers to send excessive password reset emails to legitimate users by e
2338 | CVE-2024-56473 | 0.13% | 32.9 | 5.3 | | IBM Aspera Shares versions 1.9.0 through 1.10.0 PL6 improperly validate 'Client-IP' headers, allowin
2339 | CVE-2025-0510 | 0.13% | 32.9 | 6.5 | | Thunderbird email client displays incorrect sender addresses when emails use invalid group name synt
2340 | CVE-2024-45651 | 0.13% | 33 | 6.3 | | IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0 fail to properly invalidat
2341 | CVE-2025-22089 | 0.13% | 33 | 5.5 | | A Linux kernel vulnerability in the RDMA subsystem allows exposure of hardware counters to non-initi
2342 | CVE-2025-30653 | 0.13% | 32.9 | 6.5 | | An expired pointer dereference vulnerability in Juniper's Routing Protocol Daemon (rpd) allows adjac
2343 | CVE-2025-30646 | 0.13% | 32.9 | 6.5 | | A signed-to-unsigned conversion error in Juniper's Layer 2 Control Protocol daemon (l2cpd) allows an
2344 | CVE-2025-2513 | 0.13% | 32.9 | 6.4 | | The Smart Icons For WordPress plugin versions up to 1.0.4 contain a stored cross-site scripting vuln
2345 | CVE-2025-31751 | 0.13% | 32.9 | 6.5 | | A Cross-Site Request Forgery (CSRF) vulnerability in the Breaking News WP WordPress plugin allows at
2346 | CVE-2025-26262 | 0.13% | 32.9 | 6.5 | | This vulnerability in Linux Malware Detect (LMD) allows attackers to escalate privileges and execute
2347 | CVE-2025-55070 | 0.13% | 32.9 | 6.5 | | Mattermost versions before 11 fail to enforce multi-factor authentication on WebSocket connections,
2348 | CVE-2025-15229 | 0.13% | 33 | 5.3 | | A buffer overflow vulnerability in Tenda CH22 routers allows remote attackers to cause denial of ser
2349 | CVE-2023-38271 | 0.13% | 32.7 | 4.3 | | This vulnerability in IBM Cloud Pak System allows authenticated users to access sensitive informatio
2350 | CVE-2025-24552 | 0.13% | 32.8 | 5.3 | | This CVE describes an information disclosure vulnerability in the Paytium WordPress plugin where err

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
