Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability: a higher score means a greater estimated likelihood that the CVE will be exploited in the wild within the next 30 days. This page of the ranking covers ranks 2401 to 2450; all of them sit near 0.5% EPSS, around the 66th percentile of scored CVEs.

Summary counts:
164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank | CVE ID | EPSS | Percentile | CVSS | Flags | Summary
2401 | CVE-2025-66647 | 0.52% | 66.3 | 9.8 |  | A buffer overflow vulnerability in RIOT OS's IPv6 fragmentation reassembly allows attackers to corru
2402 | CVE-2024-43709 | 0.52% | 66.2 | 6.5 |  | This vulnerability in Elasticsearch allows attackers to cause a denial of service by sending special
2403 | CVE-2023-54339 | 0.52% | 66.2 | 9.8 |  | CVE-2023-54339 is a remote command execution vulnerability in Webgrind 1.1 that allows unauthenticat
2404 | CVE-2025-31360 | 0.52% | 66.1 | 6.5 |  | Unauthenticated attackers can trigger device actions associated with specific 'scenes' of arbitrary
2405 | CVE-2025-27561 | 0.52% | 66.1 | 5.3 |  | Unauthenticated attackers can rename rooms belonging to arbitrary users in affected systems. This au
2406 | CVE-2025-1750 | 0.52% | 66.2 | 9.8 |  | An SQL injection vulnerability in DuckDBVectorStore's delete function allows attackers to manipulate
2407 | CVE-2026-26221 | 0.52% | 66.1 | N/A |  | This vulnerability in Hyland OnBase allows unauthenticated attackers to send crafted .NET Remoting r
2408 | CVE-2026-22237 | 0.52% | 66.1 | 9.8 |  | This vulnerability exposes sensitive internal API documentation in BLUVOYIX, allowing unauthenticate
2409 | CVE-2024-13378 | 0.52% | 66.1 | 5.4 |  | The Gravity Forms WordPress plugin has a stored XSS vulnerability that allows unauthenticated attack
2410 | CVE-2025-65562 | 0.52% | 66.1 | 7.5 |  | CVE-2025-65562 is an unauthenticated denial-of-service vulnerability in free5GC UPF where specially
2411 | CVE-2024-12549 | 0.51% | 66.0 | 7.8 |  | This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening
2412 | CVE-2025-2395 | 0.51% | 66.0 | 9.8 |  | U-Office Force from e-Excellence has an improper authentication vulnerability that allows unauthenti
2413 | CVE-2022-50788 | 0.51% | 66.0 | 7.5 |  | CVE-2022-50788 is an information disclosure vulnerability in SOUND4 IMPACT/FIRST/PULSE/Eco systems t
2414 | CVE-2025-20187 | 0.51% | 66.0 | 6.5 |  | This vulnerability in Cisco Catalyst SD-WAN Manager allows authenticated remote attackers to write a
2415 | CVE-2025-58762 | 0.51% | 66.0 | 9.1 |  | This vulnerability allows attackers with administrative access to Tautulli to write arbitrary Python
2416 | CVE-2025-20358 | 0.51% | 66.0 | 9.4 |  | This vulnerability allows unauthenticated remote attackers to bypass authentication in Cisco Unified
2417 | CVE-2025-2127 | 0.51% | 65.9 | 4.3 |  | This vulnerability allows attackers to inject malicious scripts via the Itemid/jp_yearbuilt paramete
2418 | CVE-2023-40714 | 0.51% | 65.9 | 9.9 |  | This vulnerability allows attackers to perform relative path traversal in Fortinet FortiSIEM, enabli
2419 | CVE-2025-54857 | 0.51% | 65.9 | 9.8 |  | This vulnerability allows remote unauthenticated attackers to execute arbitrary operating system com
2420 | CVE-2025-27617 | 0.51% | 65.9 | 8.8 |  | This SQL injection vulnerability in Pimcore allows authenticated users to craft malicious filter str
2421 | CVE-2023-53933 | 0.51% | 65.9 | 8.8 |  | CVE-2023-53933 is a remote code execution vulnerability in Serendipity 2.4.0 that allows authenticat
2422 | CVE-2025-29902 | 0.51% | 65.8 | 10.0 |  | This critical vulnerability allows remote attackers to execute arbitrary code on affected Bosch syst
2423 | CVE-2025-8613 | 0.51% | 65.8 | 7.2 |  | This vulnerability allows authenticated remote attackers to execute arbitrary system commands on Vac
2424 | CVE-2025-56108 | 0.51% | 65.8 | 8.8 |  | This CVE describes an OS command injection vulnerability in Ruijie X30-PRO routers that allows attac
2425 | CVE-2024-10930 | 0.51% | 65.8 | 7.8 |  | This vulnerability allows attackers to perform DLL hijacking by placing a malicious DLL in a locatio
2426 | CVE-2025-20644 | 0.51% | 65.8 | 6.5 |  | This vulnerability in MediaTek modems allows memory corruption due to incorrect error handling when
2427 | CVE-2025-21556 | 0.51% | 65.7 | 9.9 |  | This critical vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low pr
2428 | CVE-2025-21515 | 0.51% | 65.7 | 8.8 |  | This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low
2429 | CVE-2025-27531 | 0.51% | 65.7 | 9.8 |  | This vulnerability allows authenticated attackers to read arbitrary files on Apache InLong servers t
2430 | CVE-2025-7038 | 0.51% | 65.7 | 8.2 |  | The LatePoint WordPress plugin contains an authentication bypass vulnerability that allows unauthent
2431 | CVE-2023-53740 | 0.51% | 65.7 | 9.8 |  | CVE-2023-53740 is an authentication bypass vulnerability in Screen SFT DAB 1.9.3 that allows attacke
2432 | CVE-2025-29269 | 0.51% | 65.7 | 9.8 |  | This vulnerability allows remote attackers to execute arbitrary operating system commands on ALLNET
2433 | CVE-2024-13418 | 0.51% | 65.7 | 8.8 |  | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to up
2434 | CVE-2025-3616 | 0.51% | 65.7 | 8.8 |  | The Greenshift WordPress plugin versions 11.4 to 11.4.5 contain a vulnerability that allows authenti
2435 | CVE-2025-5788 | 0.51% | 65.7 | 8.8 |  | This critical vulnerability in TOTOLINK X15 routers allows remote attackers to execute arbitrary cod
2436 | CVE-2025-5786 | 0.51% | 65.7 | 8.8 |  | A critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execute
2437 | CVE-2025-5785 | 0.51% | 65.7 | 8.8 |  | This critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execu
2438 | CVE-2024-54551 | 0.50% | 65.6 | 7.5 |  | This memory handling vulnerability in Apple's web content processing allows attackers to cause denia
2439 | CVE-2025-41444 | 0.50% | 65.6 | 8.3 |  | CVE-2025-41444 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus
2440 | CVE-2025-27709 | 0.50% | 65.6 | 8.3 |  | CVE-2025-27709 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus
2441 | CVE-2025-29049 | 0.50% | 65.5 | 6.3 |  | A Cross-Site Scripting (XSS) vulnerability in arnog MathLive versions v0.103.0 and earlier allows at
2442 | CVE-2025-5139 | 0.50% | 65.6 | 5.6 |  | This critical vulnerability in Qualitor 8.20/8.24 allows remote attackers to execute arbitrary comma
2443 | CVE-2025-7340 | 0.50% | 65.6 | 9.8 |  | This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress sites usi
2444 | CVE-2023-7321 | 0.50% | 65.6 | 5.4 |  | Nagios Log Server versions before 2.1.14 contain a stored cross-site scripting vulnerability in the
2445 | CVE-2023-7319 | 0.50% | 65.6 | 5.4 |  | Nagios Network Analyzer versions before 2024R1 contain a cross-site scripting vulnerability in the P
2446 | CVE-2022-50588 | 0.50% | 65.6 | 5.4 |  | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the update ch
2447 | CVE-2022-50587 | 0.50% | 65.6 | 5.4 |  | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the Apply Con
2448 | CVE-2022-50586 | 0.50% | 65.6 | 5.4 |  | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the BPI compo
2449 | CVE-2022-50585 | 0.50% | 65.6 | 5.4 |  | This cross-site scripting (XSS) vulnerability in Nagios XI's Core Config Manager allows attackers to
2450 | CVE-2022-50584 | 0.50% | 65.6 | 5.4 |  | This cross-site scripting (XSS) vulnerability in Nagios XI's Core Config Manager allows attackers to

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will see exploitation activity in the wild within the next 30 days. It is trained on observed exploitation telemetry (honeypots, IDS/IPS sensors and other partner data) together with attributes of each CVE, and the scores are recomputed daily, so a CVE's score moves as new evidence about it arrives. CVSS measures severity, meaning how bad a successful exploit would be; EPSS measures likelihood, meaning how probable exploitation is. They answer different questions, which is why EPSS is the more useful first filter for deciding what to patch first.

Each CVE carries two numbers. The EPSS score is a probability between 0 and 1, shown above as a percentage. The percentile is the fraction of all scored CVEs with an EPSS score at or below that value, so 0.52% at the 66th percentile means that roughly two thirds of scored CVEs are predicted less likely to be exploited, even though the absolute probability is small. Most CVEs score very low, which is why the average over the 35,468 scored CVEs on this site is only 0.7% and only 164 of them exceed 50%.

Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets security teams concentrate on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. Two caveats apply. EPSS is a population-wide prediction, not a statement about your environment: a low score does not make a flaw safe if it is reachable on an exposed asset, and it says nothing about targeted attacks. And a CISA KEV listing is evidence of confirmed exploitation, so a KEV entry should be treated as urgent regardless of its current EPSS value.
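As an added worked example (not code from this page, nor from FIRST.org), the Python script below parses an EPSS lookup in the shape the FIRST EPSS API returns (the sample response is constructed, and the CVE IDs, scores and KEV flags are invented for illustration) and then orders an inventory the way the paragraph above argues: CISA KEV entries first, because exploitation there is confirmed rather than predicted; then anything at or above an EPSS cutoff, here set to the page's own 50% mark although many teams use a lower one; then CVSS-critical items without exploitation evidence; then the rest. It keeps a CVE that is missing from the EPSS feed visible instead of dropping it, and tolerates a missing CVSS score like the N/A entries in the table.

```python
"""Triage a vulnerability inventory by EPSS, CISA KEV membership and CVSS.

Added example, not code from this page or from FIRST.org. The JSON sample below is
constructed to mirror the shape of a FIRST EPSS API response
(https://api.first.org/data/v1/epss?cve=...), where "epss" and "percentile" arrive
as decimal strings in the 0-1 range; the CVE IDs, scores and KEV flags are invented
for illustration and do not describe real vulnerabilities.
"""
import json

# Constructed sample in the shape of a FIRST EPSS API response (assumption: each
# entry in "data" carries cve, epss, percentile and date as strings).
SAMPLE_EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "status-code": 200,
    "total": 4,
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.001000000", "percentile": "0.400000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.900000000", "percentile": "0.995000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.005200000", "percentile": "0.663000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.020000000", "percentile": "0.880000000", "date": "2025-01-01"},
    ],
})

# Constructed inventory: CVSS base score (None where none is published, like the
# N/A entries in the table) and whether the CVE is on the CISA KEV catalog.
INVENTORY = {
    "CVE-0000-0001": {"cvss": 9.8, "kev": False},   # critical severity, 0.1% EPSS
    "CVE-0000-0002": {"cvss": 7.5, "kev": False},   # high severity, 90% EPSS
    "CVE-0000-0003": {"cvss": 9.8, "kev": False},   # critical severity, 0.52% EPSS
    "CVE-0000-0004": {"cvss": 6.5, "kev": True},    # medium severity, confirmed exploited
    "CVE-0000-0005": {"cvss": None, "kev": False},  # no CVSS, and absent from the EPSS feed
}


def parse_epss_response(raw_json):
    """Map cve -> (epss_probability, percentile) as floats from API-shaped JSON."""
    body = json.loads(raw_json)
    scores = {}
    for row in body.get("data", []):
        # The feed serialises both numbers as strings; convert before comparing.
        scores[row["cve"]] = (float(row["epss"]), float(row["percentile"]))
    return scores


def tier(cvss, epss, kev, epss_urgent=0.5):
    """0 = confirmed exploited (KEV), 1 = EPSS at or above the cutoff,
    2 = critical CVSS without exploitation evidence, 3 = everything else."""
    if kev:
        return 0
    if epss >= epss_urgent:
        return 1
    if cvss is not None and cvss >= 9.0:
        return 2
    return 3


def prioritize(inventory, epss_scores, epss_urgent=0.5):
    """Return inventory rows sorted KEV first, then by EPSS, then by CVSS.

    A CVE absent from the EPSS feed gets epss=0.0 and no_epss=True so it is
    neither silently promoted nor silently dropped from the list."""
    rows = []
    for cve, meta in inventory.items():
        epss, pct = epss_scores.get(cve, (0.0, 0.0))
        rows.append({
            "cve": cve,
            "cvss": meta["cvss"],
            "epss": epss,
            "percentile": pct,
            "kev": meta["kev"],
            "no_epss": cve not in epss_scores,
            "tier": tier(meta["cvss"], epss, meta["kev"], epss_urgent),
        })
    # Within a tier, higher EPSS wins; CVSS only breaks remaining ties.
    rows.sort(key=lambda r: (r["tier"], -r["epss"], -(r["cvss"] or 0.0)))
    return rows


if __name__ == "__main__":
    ranked = prioritize(INVENTORY, parse_epss_response(SAMPLE_EPSS_RESPONSE))
    for r in ranked:
        cvss = "N/A" if r["cvss"] is None else f"{r['cvss']:.1f}"
        flag = "(no EPSS score)" if r["no_epss"] else ""
        print(f"tier {r['tier']}  {r['cve']}  EPSS {r['epss']:.2%}  "
              f"pct {r['percentile'] * 100:.1f}  CVSS {cvss}  KEV={r['kev']}  {flag}")
```

Run as-is, the script prints the KEV-listed CVSS 6.5 entry first, the CVSS 7.5 / 90% EPSS entry second, and the CVSS 9.8 / 0.1% EPSS entry fourth, which is the ordering the paragraph above argues for; the entry missing from the feed lands last but is still reported, so a gap in EPSS coverage is visible rather than silently treated as low risk.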

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
