Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CISA KEV listed
35,468 CVEs with EPSS
0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 201 | CVE-2025-20379 | 0.03% | 8.8th | 3.5 | | This vulnerability allows low-privileged Splunk users to bypass SPL safeguards for risky commands by |
| 202 | CVE-2025-15126 | 0.03% | 8.7th | 3.1 | | This CVE describes an improper authorization vulnerability in JeecgBoot's getPositionUserList functi |
| 203 | CVE-2025-15141 | 0.03% | 8.9th | 3.1 | | This vulnerability in Halo's Configuration Handler component allows remote attackers to access sensi |
| 204 | CVE-2025-15321 | 0.03% | 8.9th | 2.7 | | An improper input validation vulnerability in Tanium Appliance could allow attackers to cause unexpe |
| 205 | CVE-2025-10583 | 0.03% | 8.9th | 3.5 | | The WP Fastest Cache WordPress plugin contains a Server-Side Request Forgery (SSRF) vulnerability th |
| 206 | CVE-2025-21077 | 0.03% | 8.7th | 3.3 | | This vulnerability allows local attackers to launch arbitrary activities with Samsung Email privileg |
| 207 | CVE-2025-9543 | 0.03% | 8.6th | 3.5 | | The FlexTable WordPress plugin before version 3.19.2 has a stored cross-site scripting (XSS) vulnera |
| 208 | CVE-2026-1048 | 0.03% | 8.6th | 3.5 | | This CVE describes a cross-site scripting (XSS) vulnerability in LigeroSmart up to version 6.1.26. A |
| 209 | CVE-2026-1049 | 0.03% | 8.6th | 3.5 | | This CVE describes a cross-site scripting (XSS) vulnerability in LigeroSmart (formerly OTRS) up to v |
| 210 | CVE-2026-1196 | 0.03% | 8.4th | 3.1 | | This vulnerability in MineAdmin 1.x/2.x allows remote attackers to access sensitive information thro |
| 211 | CVE-2025-57823 | 0.03% | 8.4th | 2.7 | | A forced browsing vulnerability in Fortinet FortiAuthenticator allows authenticated attackers with s |
| 212 | CVE-2025-52659 | 0.03% | 8.7th | 2.8 | | HCL AION version 2 has a cacheable HTTP response vulnerability where sensitive or dynamic content ma |
| 213 | CVE-2026-23738 | 0.03% | 8.6th | 3.5 | | This vulnerability allows cross-site scripting (XSS) attacks in Asterisk's web interface. Attackers |
| 214 | CVE-2025-14662 | 0.03% | 8.4th | 2.4 | | This vulnerability allows attackers to inject malicious scripts into the Student File Management Sys |
| 215 | CVE-2025-14519 | 0.03% | 8.6th | 3.5 | | This CVE describes a stored cross-site scripting (XSS) vulnerability in the baowzh hfly travel websi |
| 216 | CVE-2025-61873 | 0.03% | 8.2th | 2.6 | | This CSV injection vulnerability in Best Practical Request Tracker (RT) allows attackers to inject m |
| 217 | CVE-2025-69412 | 0.03% | 8.3th | 3.4 | | KDE messagelib versions before 25.11.90 ignore SSL certificate validation errors when contacting Goo |
| 218 | CVE-2025-15416 | 0.03% | 8.3th | 2.4 | | This vulnerability allows attackers to inject malicious scripts into the 'Remark' or 'Variable Value |
| 219 | CVE-2026-2215 | 0.03% | 8.1th | 3.7 | | This vulnerability in rachelos WeRSS we-mp-rss allows attackers to bypass authentication by manipula |
| 220 | CVE-2026-21977 | 0.03% | 8.1th | 3.1 | | This vulnerability in Oracle Zero Data Loss Recovery Appliance allows unauthenticated attackers with |
| 221 | CVE-2025-15119 | 0.03% | 8.2th | 3.1 | | This vulnerability in JeecgBoot allows attackers to bypass authorization checks by manipulating the |
| 222 | CVE-2025-15120 | 0.03% | 8.2th | 3.1 | | This CVE describes an improper authorization vulnerability in JeecgBoot's getDeptRoleList function. |
| 223 | CVE-2025-15122 | 0.03% | 8.2th | 3.1 | | This CVE describes an improper authorization vulnerability in JeecgBoot's loadDatarule function that |
| 224 | CVE-2025-15123 | 0.03% | 8.2th | 3.1 | | JeecgBoot up to version 3.9.0 contains an improper authorization vulnerability in the /sys/sysDepart |
| 225 | CVE-2025-15124 | 0.03% | 8.2th | 3.1 | | This vulnerability in JeecgBoot allows attackers to bypass authorization checks by manipulating the |
| 226 | CVE-2025-15125 | 0.03% | 8.2th | 3.1 | | This CVE describes an improper authorization vulnerability in JeecgBoot's queryDepartPermission func |
| 227 | CVE-2025-14083 | 0.03% | 8.3th | 2.7 | | This vulnerability in Keycloak's Admin REST API exposes backend schema and rules due to improper acc |
| 228 | CVE-2025-15289 | 0.03% | 8.1th | 3.1 | | CVE-2025-15289 is an improper access controls vulnerability in Tanium Interact that could allow auth |
| 229 | CVE-2026-24320 | 0.03% | 7.7th | 3.1 | | This vulnerability in SAP NetWeaver and ABAP Platform allows authenticated attackers to exploit memo |
| 230 | CVE-2026-21640 | 0.03% | 7.7th | 2.7 | | A format string injection vulnerability in Revive Adserver allows attackers to cause a fatal PHP err |
| 231 | CVE-2026-1598 | 0.03% | 7.9th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into the user profile page of Bdtask |
| 232 | CVE-2026-1161 | 0.03% | 7.9th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into the pbrong HRMS application thr |
| 233 | CVE-2025-54004 | 0.03% | 8th | 2.6 | | This vulnerability allows unauthorized users to access functionality intended only for authorized us |
| 234 | CVE-2026-1035 | 0.03% | 7.8th | 3.1 | | This vulnerability allows attackers to bypass Keycloak's refresh token rotation security feature whe |
| 235 | CVE-2025-52629 | 0.03% | 7.8th | 3.7 | | HCL AION 2.0 lacks a Content-Security-Policy header, which could allow attackers to execute maliciou |
| 236 | CVE-2025-14019 | 0.03% | 7.9th | 3.4 | | LINE for Android versions 13.8 through 15.5 contains a UI spoofing vulnerability in its in-app brows |
| 237 | CVE-2025-14023 | 0.03% | 7.9th | 3.1 | | This vulnerability in LINE for iOS allows attackers to spoof the user interface, creating confusion |
| 238 | CVE-2025-15451 | 0.03% | 7.2th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in xnx3 wangmarket CMS versions up to |
| 239 | CVE-2025-15452 | 0.03% | 7.2th | 2.4 | | This is a cross-site scripting (XSS) vulnerability in xnx3 wangmarket CMS versions up to 4.9. Attack |
| 240 | CVE-2026-23686 | 0.03% | 7.2th | 3.4 | | This CRLF injection vulnerability in SAP NetWeaver Application Server Java allows authenticated admi |
| 241 | CVE-2026-2200 | 0.03% | 7.4th | 2.4 | | This vulnerability allows remote attackers to inject malicious scripts via the /admin/admin/save API |
| 242 | CVE-2026-2201 | 0.03% | 7.4th | 2.4 | | This CVE describes a cross-site scripting (XSS) vulnerability in ZeroWdd studentmanager's leave requ |
| 243 | CVE-2025-14580 | 0.03% | 7.6th | 3.5 | | This is a cross-site scripting (XSS) vulnerability in Qualitor's document viewing component that all |
| 244 | CVE-2025-53470 | 0.03% | 7.6th | 3.1 | | An out-of-bounds read vulnerability in Apache NimBLE's HCI H4 driver allows a malicious or malfuncti |
| 245 | CVE-2025-30509 | 0.03% | 7.3th | 3.8 | | This vulnerability in Intel QuickAssist Technology software allows authenticated local users to esca |
| 246 | CVE-2026-24048 | 0.03% | 7.5th | 3.5 | | This SSRF vulnerability in Backstage's FetchUrlReader component allows attackers who control allowed |
| 247 | CVE-2026-0642 | 0.03% | 7.2th | 2.4 | | This vulnerability allows attackers to inject malicious scripts via the Name parameter in the /app/c |
| 248 | CVE-2025-15171 | 0.03% | 7.6th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into SohuTV CacheCloud web interface |
| 249 | CVE-2025-15172 | 0.03% | 7.6th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into SohuTV CacheCloud's Redis confi |
| 250 | CVE-2025-15173 | 0.03% | 7.6th | 3.5 | | This vulnerability allows attackers to inject malicious scripts into SohuTV CacheCloud web interface |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
