Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Flags	Summary
201	CVE-2025-58434	11.19%	93.3th	9.8		This vulnerability in Flowise allows unauthenticated attackers to generate password reset tokens for
202	CVE-2025-7775	10.62%	93.1th	9.8	KEV	A memory overflow vulnerability in NetScaler ADC and NetScaler Gateway allows remote attackers to ex
203	CVE-2025-52665	10.56%	93.1th	10.0		An authentication bypass vulnerability in UniFi Access door control software allows attackers on the
204	CVE-2024-54085	10.47%	93.1th	9.8	KEV	CVE-2024-54085 is a critical authentication bypass vulnerability in AMI's SPx BMC firmware that allo
205	CVE-2025-58443	10.24%	93th	9.1		This CVE describes an authentication bypass vulnerability in FOG Project versions 1.5.10.1673 and be
206	CVE-2025-2636	10.16%	92.9th	9.8		This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on Wo
207	CVE-2025-44136	10.02%	92.9th	9.8		CVE-2025-44136 is a reflected cross-site scripting vulnerability in MapTiler Tileserver-php where th
208	CVE-2024-6159	9.84%	92.8th	9.8		This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress s
209	CVE-2025-64128	9.8%	92.8th	10.0		An OS command injection vulnerability (CWE-78) allows unauthenticated attackers to execute arbitrary
210	CVE-2025-64127	9.8%	92.8th	10.0		This critical vulnerability allows unauthenticated remote attackers to execute arbitrary operating s
211	CVE-2025-64126	9.8%	92.8th	10.0		This critical OS command injection vulnerability allows unauthenticated attackers to execute arbitra
212	CVE-2025-53690	9.76%	92.8th	9.0	KEV	This CVE describes a deserialization vulnerability in Sitecore Experience Manager (XM) and Experienc
213	CVE-2025-52694	9.71%	92.7th	10.0		This critical SQL injection vulnerability allows unauthenticated attackers to execute arbitrary SQL
214	CVE-2025-68926	9.47%	92.6th	9.8		This vulnerability allows attackers to bypass authentication in RustFS by using a hardcoded static t
215	CVE-2026-24423	9.22%	92.5th	9.8	KEV	This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o
216	CVE-2024-54804	9.13%	92.5th	9.8		This vulnerability allows remote attackers to execute arbitrary commands on Netgear WNR854T routers
217	CVE-2025-55190	8.75%	92.3th	9.9		This CVE allows API tokens with project-level permissions in Argo CD to retrieve sensitive repositor
218	CVE-2025-61932	8.68%	92.3th	9.8	KEV	CVE-2025-61932 is a critical vulnerability in Lanscope Endpoint Manager (On-Premises) that allows un
219	CVE-2024-57040	8.5%	92.2th	9.8		This vulnerability involves hardcoded root passwords in specific TP-Link router firmware versions, a
220	CVE-2025-11953	8.45%	92.1th	9.8	KEV	CVE-2025-11953 is a critical OS command injection vulnerability in the React Native Community CLI's
221	CVE-2024-13091	8.32%	92.1th	9.8		The WPBot Pro WordPress Chatbot plugin has a critical vulnerability allowing unauthenticated attacke
222	CVE-2025-30220	8.18%	92th	9.9		This XXE vulnerability in GeoServer's GeoTools Schema class allows attackers to read arbitrary files
223	CVE-2025-42599	8.01%	91.9th	9.8	KEV	CVE-2025-42599 is a critical stack-based buffer overflow vulnerability in Active! mail 6 that allows
224	CVE-2025-28138	7.88%	91.8th	9.8		This vulnerability allows unauthenticated attackers to execute arbitrary commands on TOTOLINK A800R
225	CVE-2025-34035	7.63%	91.7th	9.8		An unauthenticated remote OS command injection vulnerability in EnGenius EnShare Cloud Service allow
226	CVE-2025-2907	7.6%	91.7th	9.8		This vulnerability in the Order Delivery Date WordPress plugin allows unauthenticated attackers to m
227	CVE-2025-34205	7.42%	91.6th	9.8		This vulnerability allows unauthenticated attackers to reset the database administrator password to
228	CVE-2025-45858	7.41%	91.5th	9.8		This CVE describes a command injection vulnerability in TOTOLINK A3002R routers that allows attacker
229	CVE-2025-1128	7.36%	91.5th	9.8		This vulnerability in the Everest Forms WordPress plugin allows unauthenticated attackers to upload,
230	CVE-2025-29042	7.2%	91.4th	9.8		This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-832x routers
231	CVE-2025-29040	7.2%	91.4th	9.8		This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR 823x routers
232	CVE-2025-55591	6.98%	91.2th	9.8		This critical command injection vulnerability in TOTOLINK-A3002R routers allows attackers to execute
233	CVE-2025-21311	6.84%	91.2th	9.8		This vulnerability allows attackers to exploit weaknesses in Windows NTLM v1 authentication to gain
234	CVE-2026-23550	6.72%	91.1th	10.0		This critical vulnerability in Modular DS allows attackers to escalate privileges due to incorrect p
235	CVE-2026-21891	6.64%	91th	9.4		This vulnerability allows authentication bypass in ZimaOS by exploiting improper password validation
236	CVE-2025-22654	6.54%	90.9th	10.0		This vulnerability allows attackers to upload malicious files to WordPress sites using the Simplifie
237	CVE-2025-53624	6.49%	90.9th	10.0		The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid
238	CVE-2024-49747	6.3%	90.7th	9.8		This critical vulnerability in Android's Bluetooth GATT server allows remote attackers to execute ar
239	CVE-2022-3180	6.26%	90.7th	9.8		CVE-2022-3180 is an unauthenticated privilege escalation vulnerability in the WPGateway WordPress pl
240	CVE-2023-28354	6.21%	90.7th	9.8		CVE-2023-28354 is a critical remote code execution vulnerability in Opsview Monitor Agent 6.8 that a
241	CVE-2024-13979	5.99%	90.5th	9.8		This is a critical SQL injection vulnerability in the St. Joe ERP system that allows unauthenticated
242	CVE-2025-43559	5.98%	90.5th	9.1		This CVE describes an improper input validation vulnerability in Adobe ColdFusion that allows authen
243	CVE-2025-30216	5.93%	90.4th	9.4		A heap overflow vulnerability in CryptoLib's TM protocol processing allows attackers to trigger arbi
244	CVE-2026-21858	5.82%	90.3th	10.0		This vulnerability in n8n workflow automation platform allows unauthenticated remote attackers to ex
245	CVE-2025-52207	5.8%	90.3th	9.9		This vulnerability allows unauthenticated attackers to upload PHP scripts to arbitrary directories o
246	CVE-2024-54880	5.71%	90.2th	9.1		SeaCMS V13.1 contains an incorrect access control vulnerability that allows attackers to bypass regi
247	CVE-2024-28988	5.46%	90th	9.8		CVE-2024-28988 is a critical Java deserialization vulnerability in SolarWinds Web Help Desk that all
248	CVE-2025-61044	5.45%	90th	9.8		This CVE describes a command injection vulnerability in TOTOLINK X18 routers that allows attackers t
249	CVE-2025-56266	5.41%	89.9th	9.8		A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitra
250	CVE-2024-12583	5.34%	89.8th	9.9		The Dynamics 365 Integration plugin for WordPress has a Server-Side Template Injection vulnerability

← Previous Page 5 of 70 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free