Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. The Percentile column gives the share of all EPSS-scored CVEs whose score is at or below this one, so a 32.8th-percentile entry sits in the lower third of the population. EPSS scores are recomputed daily, so this ranking is a snapshot and should be refreshed before it drives patch decisions.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2351 | CVE-2025-21509 | | 32.7th | 6.5 | | This vulnerability allows authenticated attackers with low privileges to cause a denial of service ( |
| 2352 | CVE-2024-56376 | | 32.8th | 5.4 | | A stored cross-site scripting (XSS) vulnerability in REDCap 14.9.6's built-in messenger allows authe |
| 2353 | CVE-2024-56270 | | 32.8th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the WP SecureSubmit WordPress plugin tha |
| 2354 | CVE-2024-2321 | | 32.8th | 5.6 | | This vulnerability allows attackers to bypass authorization in WSO2 products by using refresh tokens |
| 2355 | CVE-2024-13229 | | 32.8th | 4.3 | | The Rank Math SEO WordPress plugin has an authorization vulnerability that allows authenticated user |
| 2356 | CVE-2024-50500 | | 32.9th | 4.3 | | This CVE describes a Missing Authorization vulnerability in the Shortcodes and extra features for Ph |
| 2357 | CVE-2024-55198 | | 32.8th | 5.3 | | This vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows remote attackers to enumerate vali |
| 2358 | CVE-2025-24345 | | 32.7th | 6.3 | | A vulnerability in the Hosts functionality of ctrlX OS web application allows authenticated low-priv |
| 2359 | CVE-2025-52876 | | 32.9th | 5.4 | | This vulnerability allows reflected cross-site scripting (XSS) attacks on the favoriteIcon page in J |
| 2360 | CVE-2025-51089 | | 32.9th | 6.5 | | A heap-based buffer overflow vulnerability exists in Tenda AC8V4 routers via the /goform/GetParentCo |
| 2361 | CVE-2025-11607 | | 32.7th | 6.3 | | A path traversal vulnerability in MoneyPrinterTurbo's API endpoint allows attackers to write arbitra |
| 2362 | CVE-2025-12788 | | 32.7th | 5.3 | | This vulnerability allows unauthenticated attackers to bypass payment requirements in the Hydra Book |
| 2363 | CVE-2025-12917 | | 32.8th | 4.3 | | A denial-of-service vulnerability exists in TOZED ZLT T10/T10PLUS routers version 3.04.15. Attackers |
| 2364 | CVE-2025-15176 | | 32.8th | 5.3 | | This vulnerability in Open5GS allows remote attackers to trigger a reachable assertion in the PFCP S |
| 2365 | CVE-2025-41694 | | 32.9th | 6.5 | | A low-privileged remote attacker can send a webshell request with an empty command containing whites |
| 2366 | CVE-2024-57041 | | 32.6th | 4.6 | | A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows authenticated users t |
| 2367 | CVE-2025-0563 | | 32.6th | 6.3 | | CVE-2025-0563 is a critical SQL injection vulnerability in Fantasy-Cricket 1.0 that allows remote at |
| 2368 | CVE-2025-0561 | | 32.6th | 6.3 | | This critical SQL injection vulnerability in itsourcecode Farm Management System 1.0 allows remote a |
| 2369 | CVE-2025-23785 | | 32.7th | 4.3 | | This CVE describes a missing authorization vulnerability in the August Infotech AI Responsive Galler |
| 2370 | CVE-2025-0299 | | 32.6th | 6.3 | | A critical SQL injection vulnerability in code-projects Online Book Shop 1.0 allows remote attackers |
| 2371 | CVE-2025-0298 | | 32.6th | 6.3 | | CVE-2025-0298 is a critical SQL injection vulnerability in code-projects Online Book Shop 1.0 that a |
| 2372 | CVE-2025-25945 | | 32.6th | 6.5 | | This vulnerability in Bento4 v1.6.0-641 allows attackers to read sensitive information from memory t |
| 2373 | CVE-2025-25942 | | 32.6th | 6.5 | | A memory leak vulnerability in Bento4's mp4fragment tool allows attackers to cause information discl |
| 2374 | CVE-2025-1228 | | 32.7th | 4.3 | | This vulnerability allows remote attackers to perform path traversal attacks in olajowon Loggrove's |
| 2375 | CVE-2025-1113 | | 32.6th | 6.3 | | This critical vulnerability in tarzan-cms allows remote attackers to execute arbitrary code through |
| 2376 | CVE-2025-1703 | | 32.6th | 6.4 | | The Ultimate Blocks WordPress plugin has a stored XSS vulnerability that allows authenticated attack |
| 2377 | CVE-2025-22474 | | 32.6th | 6.8 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Dell SmartFabric OS10 Softw |
| 2378 | CVE-2025-52379 | | 32.7th | 5.4 | | This vulnerability allows authenticated attackers to execute arbitrary operating system commands on |
| 2379 | CVE-2025-54805 | | 32.7th | 6.5 | | This vulnerability in F5 BIG-IP systems causes memory resource exhaustion in the Traffic Management |
| 2380 | CVE-2025-47150 | | 32.7th | 6.5 | | This vulnerability allows attackers to send specific SNMP requests to F5OS Appliance and Chassis sys |
| 2381 | CVE-2025-47148 | | 32.7th | 6.5 | | This vulnerability affects BIG-IP systems configured as both SAML service provider and identity prov |
| 2382 | CVE-2025-60833 | | 32.6th | 6.5 | | This XML External Entity (XXE) vulnerability in the uzy-ssm-mall e-commerce platform allows attacker |
| 2383 | CVE-2024-57683 | | 32.6th | 4.3 | | This vulnerability allows unauthenticated attackers to modify URL filter settings on affected D-Link |
| 2384 | CVE-2024-52813 | | 32.5th | 4.3 | | This vulnerability in matrix-rust-sdk's crypto crate fails to notify applications when a user's veri |
| 2385 | CVE-2024-56244 | | 32.5th | 5.4 | | This CVE describes a Missing Authorization vulnerability in the WP Royal Ashe Extra WordPress plugin |
| 2386 | CVE-2025-2869 | | 32.5th | 6.1 | | This CVE describes a reflected Cross-Site Scripting (XSS) vulnerability in the Clinic Queuing System |
| 2387 | CVE-2025-30867 | | 32.5th | 6.5 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by the Sear |
| 2388 | CVE-2025-2820 | | 32.6th | 6.5 | | An authenticated attacker can cause a denial-of-service condition on affected Bizerba devices via ne |
| 2389 | CVE-2025-27601 | | 32.5th | 4.3 | | An improper API access control vulnerability in Umbraco CMS allows authenticated users with low priv |
| 2390 | CVE-2025-43954 | | 32.5th | 4.9 | | QMarkdown (quasar-ui-qmarkdown) versions before 2.0.5 contain a cross-site scripting (XSS) vulnerabi |
| 2391 | CVE-2025-26998 | | 32.5th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the SKT Blocks WordPress plugin allows attac |
| 2392 | CVE-2024-49708 | | 32.5th | 5.4 | | This stored XSS vulnerability in SoftCOM iKSORIS Internet Starter module allows attackers to inject |
| 2393 | CVE-2025-32198 | | 32.5th | 6.5 | | This is a cross-site scripting (XSS) vulnerability in the Brizy WordPress plugin that allows attacke |
| 2394 | CVE-2025-4260 | | 32.5th | 4.3 | | This vulnerability in Youkefu up to version 4.2.0 allows remote attackers to execute arbitrary code |
| 2395 | CVE-2025-6533 | | 32.6th | 5.6 | | This vulnerability allows attackers to bypass authentication in novel-plus by replaying CAPTCHA toke |
| 2396 | CVE-2025-48002 | | 32.5th | 5.7 | | An integer overflow vulnerability in Windows Hyper-V allows authenticated attackers on adjacent netw |
| 2397 | CVE-2025-35113 | | 32.5th | 5.9 | | Agiloft Release 28 contains a template injection vulnerability in its EUI template engine that allow |
| 2398 | CVE-2025-10954 | | 32.6th | 5.3 | | The github.com/nyaruka/phonenumbers package versions before 1.2.2 contain an input validation vulner |
| 2399 | CVE-2025-12394 | | 32.5th | 5.9 | | The Backup Migration WordPress plugin before version 2.0.0 has an information disclosure vulnerabili |
| 2400 | CVE-2025-12077 | | 32.5th | 6.1 | | The WP to LinkedIn Auto Publish WordPress plugin contains a reflected cross-site scripting (XSS) vul |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. CVSS measures how bad a vulnerability is if it is exploited; EPSS measures how likely exploitation is. The two answer different questions, which is why EPSS is the better first sort key when deciding what to patch first.
Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A CVSS 9.8 critical with a 0.1% EPSS may be less urgent than a CVSS 7.5 high with a 90% EPSS. The caveat: EPSS describes exploitation activity across the whole internet, not whether your particular instance is reachable or what sits behind it, so combine the score with exposure, asset criticality and known-exploited lists such as CISA KEV rather than using it alone.
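The prioritization rule above, worked through in code. This is an added example and not code from this page or from FIRST; the JSON below is a constructed sample in the shape of a FIRST EPSS API v1 response (`https://api.first.org/data/v1/epss`, fields `cve`, `epss`, `percentile`, `date`), embedded so the script runs offline, and the CVE identifiers `CVE-0000-000x`, their EPSS values and the CVSS scores are placeholders, not real data. It also shows the two checks a practitioner wants before trusting the feed: reject a non-OK or out-of-range response instead of silently treating a failed fetch as "low risk", and keep unscored CVEs visible at the bottom rather than dropping them.

```python
"""
Rank scanner findings by EPSS probability, with CVSS as the tie-breaker.

Added example (not the page's or FIRST's code). SAMPLE_EPSS_RESPONSE is a
constructed stand-in for a FIRST EPSS API v1 response; the CVE ids, EPSS
values and CVSS scores are placeholders chosen to reproduce the page's
"CVSS 9.8 / EPSS 0.1% vs CVSS 7.5 / EPSS 90%" comparison.
"""
import json
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed sample shaped like https://api.first.org/data/v1/epss?cve=...
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK", "status-code": 200, "version": "1.0", "total": 4,
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.001", "percentile": "0.42", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.900", "percentile": "0.99", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.050", "percentile": "0.91", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.001", "percentile": "0.42", "date": "2025-01-01"},
    ],
})

# CVSS base scores as a scanner export would supply them (constructed).
# CVE-0000-0005 deliberately has no EPSS record: a brand-new CVE looks like this.
CVSS_BY_CVE: Dict[str, float] = {
    "CVE-0000-0001": 9.8,   # critical severity, but EPSS 0.1%
    "CVE-0000-0002": 7.5,   # high severity, EPSS 90%
    "CVE-0000-0003": 5.3,
    "CVE-0000-0004": 6.5,
    "CVE-0000-0005": 8.1,
}


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    epss: Optional[float]        # None when FIRST has no score for the CVE yet
    percentile: Optional[float]


def parse_epss_response(text: str) -> Dict[str, Tuple[float, float]]:
    """Parse an EPSS API v1 body into {cve: (epss, percentile)}.

    A truncated download or an error body must raise, never yield an empty
    dict that would quietly push every finding to the "unscored" bucket.
    """
    body = json.loads(text)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {body.get('status')!r}")
    scores: Dict[str, Tuple[float, float]] = {}
    for row in body.get("data", []):
        cve = row["cve"]
        if not CVE_RE.match(cve):
            raise ValueError(f"unexpected CVE id in response: {cve!r}")
        epss, pct = float(row["epss"]), float(row["percentile"])
        if not (0.0 <= epss <= 1.0 and 0.0 <= pct <= 1.0):
            raise ValueError(f"out-of-range EPSS values for {cve}: {epss}, {pct}")
        scores[cve] = (epss, pct)
    return scores


def prioritize(cvss_by_cve: Dict[str, float],
               epss_scores: Dict[str, Tuple[float, float]]) -> List[Finding]:
    """Order findings by EPSS (descending), then CVSS (descending).

    CVEs with no EPSS score are kept and placed last: "unknown likelihood"
    is not "unlikely", so they still need a human look.
    """
    findings = [Finding(cve, cvss, *epss_scores.get(cve, (None, None)))
                for cve, cvss in cvss_by_cve.items()]
    scored = sorted((f for f in findings if f.epss is not None),
                    key=lambda f: (f.epss, f.cvss), reverse=True)
    unscored = sorted((f for f in findings if f.epss is None),
                      key=lambda f: f.cvss, reverse=True)
    return scored + unscored


def percentile_rank(score: float, all_scores: Iterable[float]) -> float:
    """Share of CVEs whose EPSS is at or below `score`: what the Percentile column reports."""
    pool = list(all_scores)
    return sum(1 for s in pool if s <= score) / len(pool)


if __name__ == "__main__":
    scores = parse_epss_response(SAMPLE_EPSS_RESPONSE)
    for f in prioritize(CVSS_BY_CVE, scores):
        epss = "n/a" if f.epss is None else f"{f.epss:.1%}"
        print(f"{f.cve}  EPSS={epss:>6}  CVSS={f.cvss}")
```

Running it places the 7.5/90% finding first and the 9.8/0.1% finding third, behind a 5.3 with a 5% EPSS, which is exactly the reordering the paragraph describes; the unscored 8.1 lands at the bottom with `n/a` rather than vanishing. Swap the constructed JSON for a live fetch of `https://api.first.org/data/v1/epss?cve=<comma-separated ids>` and the rest of the pipeline is unchanged.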