Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 201 | CVE-2025-54123 | | 97.3 | 9.8 | | This CVE describes a critical command injection vulnerability in Hoverfly's middleware API endpoint |
| 202 | CVE-2024-13496 | | 97.2 | 7.5 | | CVE-2024-13496 is a time-based SQL injection vulnerability in the GamiPress WordPress plugin that al |
| 203 | CVE-2026-1340 | | 97.2 | 9.8 | | This critical vulnerability in Ivanti Endpoint Manager Mobile allows unauthenticated attackers to in |
| 204 | CVE-2025-61884 | | 97.2 | 7.5 | KEV | This is a path traversal vulnerability (CWE-22) in Oracle Configurator within Oracle E-Business Suit |
| 205 | CVE-2025-49533 | | 97.2 | 9.8 | | Adobe Experience Manager versions 6.5.23.0 and earlier contain a deserialization vulnerability that |
| 206 | CVE-2025-5306 | | 97.2 | 9.8 | | CVE-2025-5306 is a command injection vulnerability in Pandora FMS that allows attackers to execute a |
| 207 | CVE-2024-56249 | | 97.2 | 9.1 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress si |
| 208 | CVE-2024-40891 | | 97.2 | 8.8 | KEV | This is a post-authentication command injection vulnerability in Zyxel VMG4325-B10A DSL CPE devices. |
| 209 | CVE-2024-13158 | | 97.2 | 7.2 | | This vulnerability allows remote authenticated attackers with admin privileges to execute arbitrary |
| 210 | CVE-2025-8489 | | 97.2 | 9.8 | | This vulnerability in the King Addons for Elementor WordPress plugin allows unauthenticated attacker |
| 211 | CVE-2025-23006 | | 97.1 | 9.8 | KEV | A critical pre-authentication deserialization vulnerability in SonicWall SMA1000 management consoles |
| 212 | CVE-2025-64095 | | 97.1 | 10.0 | | This vulnerability allows unauthenticated attackers to upload and overwrite files in DNN CMS systems |
| 213 | CVE-2025-66294 | | 97.1 | 8.8 | | This Server-Side Template Injection (SSTI) vulnerability in Grav allows authenticated users with edi |
| 214 | CVE-2025-32429 | | 97.1 | 9.8 | | This CVE describes a critical SQL injection vulnerability in XWiki Platform that allows unauthentica |
| 215 | CVE-2025-21174 | | 97.1 | 7.5 | | This vulnerability in Windows Standards-Based Storage Management Service allows unauthorized attacke |
| 216 | CVE-2024-12008 | | 97.1 | 5.3 | | The W3 Total Cache WordPress plugin exposes debug log files publicly when debug mode is enabled, all |
| 217 | CVE-2025-12055 | | 97.1 | 7.5 | | This vulnerability allows unauthenticated attackers to read arbitrary files from the Windows operati |
| 218 | CVE-2024-50967 | | 97.1 | 6.5 | | CVE-2024-50967 is an unauthenticated access control vulnerability in Becon DATAGerry's REST API that |
| 219 | CVE-2024-57487 | | 97 | 6.5 | | This vulnerability allows unauthenticated attackers to upload malicious PHP files through the car re |
| 220 | CVE-2024-51442 | | 97 | 8.8 | | CVE-2024-51442 is a command injection vulnerability in MiniDLNA v1.3.3 and earlier that allows attac |
| 221 | CVE-2025-6970 | | 97 | 7.5 | | This vulnerability allows unauthenticated attackers to perform time-based SQL injection attacks on W |
| 222 | CVE-2025-25064 | | 97 | 8.8 | | This SQL injection vulnerability in Zimbra Collaboration's ZimbraSync Service SOAP endpoint allows a |
| 223 | CVE-2025-29793 | | 97 | 7.2 | | This vulnerability allows an authenticated attacker to execute arbitrary code on Microsoft SharePoin |
| 224 | CVE-2025-33053 | | 97 | 8.8 | KEV | This vulnerability allows attackers to execute arbitrary code by exploiting external control of file |
| 225 | CVE-2025-2620 | | 97 | 9.8 | | A critical stack-based buffer overflow vulnerability in D-Link DAP-1620's authentication handler all |
| 226 | CVE-2024-13346 | | 96.9 | 7.3 | | This vulnerability allows unauthenticated attackers to execute arbitrary shortcodes in the Avada Wor |
| 227 | CVE-2025-49132 | | 96.9 | 10.0 | | CVE-2025-49132 is a critical remote code execution vulnerability in Pterodactyl Panel that allows un |
| 228 | CVE-2025-27485 | | 96.9 | 7.5 | | CVE-2025-27485 is a denial-of-service vulnerability in Windows Standards-Based Storage Management Se |
| 229 | CVE-2025-22952 | | 96.9 | 9.8 | | CVE-2025-22952 is a Server-Side Request Forgery (SSRF) vulnerability in elestio memos v0.23.0 that a |
| 230 | CVE-2025-31324 | | 96.9 | 10.0 | KEV | CVE-2025-31324 is an unauthenticated remote code execution vulnerability in SAP NetWeaver Visual Com |
| 231 | CVE-2025-0411 | | 96.8 | 7.0 | KEV | This vulnerability allows attackers to bypass Windows' Mark-of-the-Web security feature when extract |
| 232 | CVE-2024-55555 | | 96.8 | 8.8 | | CVE-2024-55555 is an unauthenticated remote code execution vulnerability in Invoice Ninja that allow |
| 233 | CVE-2024-12877 | | 96.8 | 9.8 | | This vulnerability in the GiveWP WordPress plugin allows unauthenticated attackers to perform PHP ob |
| 234 | CVE-2025-4322 | | 96.7 | 9.8 | | The Motors WordPress theme has a critical privilege escalation vulnerability that allows unauthentic |
| 235 | CVE-2024-11423 | | 96.7 | 7.5 | | This vulnerability allows unauthenticated attackers to manipulate gift card balances in WooCommerce |
| 236 | CVE-2024-12404 | | 96.7 | 7.5 | | The CF Internal Link Shortcode WordPress plugin contains an SQL injection vulnerability in all versi |
| 237 | CVE-2025-6216 | | 96.7 | 9.8 | | This vulnerability allows remote attackers to bypass authentication in Allegra by exploiting a predi |
| 238 | CVE-2025-22510 | | 96.6 | 7.2 | | This CVE describes a PHP object injection vulnerability in the WC Price History for Omnibus WordPres |
| 239 | CVE-2025-59374 | | 96.6 | 9.8 | KEV | This CVE describes a supply chain compromise where unauthorized modifications were introduced into c |
| 240 | CVE-2025-1015 | | 96.6 | 5.4 | | This vulnerability allows attackers to embed malicious links in Thunderbird address book fields. Whe |
| 241 | CVE-2025-24514 | | 96.6 | 8.8 | | This vulnerability allows attackers to inject malicious configuration into ingress-nginx via the aut |
| 242 | CVE-2025-11833 | | 96.5 | 9.8 | | This vulnerability allows unauthenticated attackers to read arbitrary email logs stored by the Post |
| 243 | CVE-2025-68645 | | 96.5 | 8.8 | KEV | An unauthenticated remote attacker can exploit this Local File Inclusion vulnerability in Zimbra Col |
| 244 | CVE-2025-25279 | | 96.5 | 9.9 | | This vulnerability in Mattermost Boards allows attackers to read arbitrary files on the server by im |
| 245 | CVE-2024-10936 | | 96.5 | 8.8 | | The String Locator WordPress plugin is vulnerable to PHP object injection through deserialization of |
| 246 | CVE-2025-23094 | | 96.4 | 7.3 | | This CVE describes a command injection vulnerability in Mitel OpenScape 4000 and OpenScape 4000 Mana |
| 247 | CVE-2025-24085 | | 96.4 | 10.0 | KEV | This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m |
| 248 | CVE-2025-24447 | | 96.4 | 9.1 | | This CVE describes a deserialization vulnerability in Adobe ColdFusion that allows attackers to exec |
| 249 | CVE-2025-30285 | | 96.4 | 8.4 | | This CVE describes a deserialization vulnerability in Adobe ColdFusion that allows arbitrary code ex |
| 250 | CVE-2025-47608 | | 96.4 | 9.3 | | This SQL injection vulnerability in the Recover abandoned cart for WooCommerce WordPress plugin allo |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.