Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- 164 CVEs with EPSS > 50%
- 156 CVEs listed in CISA KEV
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
2451 | CVE-2021-47699 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.8.7 contain a cross-site scripting vulnerability in the Audit Log page's
2452 | CVE-2021-47697 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.8.0 contain a cross-site scripting vulnerability in the Views feature UR
2453 | CVE-2021-47696 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.8.0 contain a cross-site scripting vulnerability in BPI config ID handli
2454 | CVE-2021-47695 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.8.0 contain a stored cross-site scripting (XSS) vulnerability in the My
2455 | CVE-2021-47691 | 0.5% | 65.6th | 5.4 | | This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Nagios XI's Core Config Ma
2456 | CVE-2021-47690 | 0.5% | 65.6th | 5.4 | | This cross-site scripting vulnerability in Nagios XI's Core Config Manager allows attackers to injec
2457 | CVE-2020-36866 | 0.5% | 65.6th | 5.4 | | This cross-site scripting (XSS) vulnerability in Nagios XI allows attackers to inject malicious scri
2458 | CVE-2020-36865 | 0.5% | 65.6th | 5.4 | | This cross-site scripting vulnerability in Nagios XI allows attackers to inject malicious scripts in
2459 | CVE-2020-36861 | 0.5% | 65.6th | 5.4 | | This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Nagios XI's Core Config Ma
2460 | CVE-2020-36858 | 0.5% | 65.6th | 5.4 | | This cross-site scripting (XSS) vulnerability in Nagios Log Server allows attackers to inject malici
2461 | CVE-2018-25121 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.4.13 contain a cross-site scripting (XSS) vulnerability in the Views pag
2462 | CVE-2018-25119 | 0.5% | 65.6th | 6.1 | | This cross-site scripting vulnerability in Nagios Fusion allows attackers to inject malicious script
2463 | CVE-2017-20209 | 0.5% | 65.6th | 6.1 | | This cross-site scripting vulnerability in Nagios Fusion allows attackers to inject malicious script
2464 | CVE-2016-15053 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.2.4 contain a cross-site scripting vulnerability in the 'My Reports' lis
2465 | CVE-2016-15052 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.2.4 contain a cross-site scripting vulnerability in the Menu System of t
2466 | CVE-2016-15049 | 0.5% | 65.6th | 5.4 | | Nagios Log Server versions before 1.4.2 contain a cross-site scripting vulnerability in the Dashboar
2467 | CVE-2011-10040 | 0.5% | 65.6th | 5.4 | | This cross-site scripting (XSS) vulnerability in Nagios XI allows attackers to inject malicious scri
2468 | CVE-2011-10039 | 0.5% | 65.6th | 5.4 | | This cross-site scripting (XSS) vulnerability in Nagios XI allows attackers to inject malicious scri
2469 | CVE-2011-10038 | 0.5% | 65.6th | 5.4 | | This cross-site scripting vulnerability in Nagios XI allows attackers to inject malicious scripts in
2470 | CVE-2025-11539 | 0.5% | 65.5th | 9.9 | | Grafana Image Renderer versions 1.0.0 through 4.0.16 contain an arbitrary file write vulnerability i
2471 | CVE-2021-47698 | 0.5% | 65.6th | 5.4 | | Nagios XI versions before 5.8.7 contain a cross-site scripting vulnerability in the Core UI's Views
2472 | CVE-2025-15256 | 0.5% | 65.6th | 7.3 | | This CVE describes a command injection vulnerability in Edimax BR-6208AC routers that allows remote
2473 | CVE-2023-28322 | 0.5% | 65.5th | 3.7 | | This vulnerability in curl versions before 8.1.0 causes information disclosure when reusing a handle
2474 | CVE-2024-36465 | 0.5% | 65.5th | 8.8 | | A SQL injection vulnerability in Zabbix allows authenticated low-privilege users with API access to
2475 | CVE-2025-24154 | 0.5% | 65.4th | 9.1 | | This CVE describes an out-of-bounds write vulnerability in Apple operating systems that could allow
2476 | CVE-2025-49796 | 0.5% | 65.5th | 9.1 | | A memory corruption vulnerability in libxml2 allows attackers to craft malicious XML files containin
2477 | CVE-2025-66208 | 0.5% | 65.4th | 9.8 | | CVE-2025-66208 is a critical OS command injection vulnerability in Collabora Online's built-in CODE
2478 | CVE-2025-55423 | 0.5% | 65.4th | 9.8 | | A critical command injection vulnerability in ipTIME routers allows attackers to execute arbitrary o
2479 | CVE-2024-13477 | 0.5% | 65.4th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes WordPress plugin allows unauthenticated a
2480 | CVE-2025-29986 | 0.5% | 65.4th | 8.3 | | Dell Common Event Enabler version 9.0.0.0 contains an improper restriction of communication channel
2481 | CVE-2025-60698 | 0.5% | 65.4th | 7.3 | | This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows u
2482 | CVE-2025-60697 | 0.5% | 65.4th | 7.3 | | This CVE describes a command injection vulnerability in D-Link DIR-882 router firmware that allows u
2483 | CVE-2025-31387 | 0.5% | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
2484 | CVE-2025-30835 | 0.5% | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through improper filename c
2485 | CVE-2025-39461 | 0.5% | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Docket Cache WordPress plugin. At
2486 | CVE-2025-39429 | 0.5% | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Széchenyi 2020 Logo WordPress pl
2487 | CVE-2025-31030 | 0.5% | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Ray Enterprise Translation WordPr
2488 | CVE-2025-26889 | 0.5% | 65.3th | 7.5 | | This vulnerability allows attackers to include local files on the server through PHP's include/requi
2489 | CVE-2025-32614 | 0.5% | 65.3th | 8.8 | | This vulnerability allows attackers to include local files on the server through improper input vali
2490 | CVE-2025-31098 | 0.5% | 65.3th | 7.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the DeBounce Email Validator WordPres
2491 | CVE-2025-30356 | 0.5% | 65.3th | 9.8 | | A heap buffer overflow vulnerability in CryptoLib's SDLS-EP implementation allows attackers to craft
2492 | CVE-2025-5393 | 0.5% | 65.3th | 9.1 | | This vulnerability allows unauthenticated attackers to delete arbitrary files on WordPress servers r
2493 | CVE-2025-2402 | 0.5% | 65.3th | 8.6 | | KNIME Business Hub uses a hard-coded, non-random password for its MinIO object store, allowing unaut
2494 | CVE-2024-13231 | 0.5% | 65.3th | 5.3 | | The WordPress Portfolio Builder plugin has an authorization bypass vulnerability that allows unauthe
2495 | CVE-2025-24157 | 0.5% | 65.3th | 5.6 | | This CVE describes a buffer overflow vulnerability in macOS kernel memory handling that could allow
2496 | CVE-2025-21225 | 0.5% | 65.3th | 5.9 | | This vulnerability in Windows Remote Desktop Gateway allows attackers to cause a denial of service b
2497 | CVE-2024-11350 | 0.5% | 65.2th | 9.8 | | The AdForest WordPress theme contains a critical authentication bypass vulnerability that allows una
2498 | CVE-2025-70457 | 0.5% | 65.3th | 9.8 | | This vulnerability allows unauthenticated attackers to upload malicious PHP files disguised as image
2499 | CVE-2024-12705 | 0.5% | 65.2th | 7.5 | | This vulnerability allows attackers to cause denial-of-service (DoS) against DNS resolvers by floodi
2500 | CVE-2024-55414 | 0.5% | 65.2th | 9.8 | | A vulnerability in Motorola SM56 Modem WDM Driver allows low-privileged users to map physical memory

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
