Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA KEV catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 2451 | CVE-2025-11541 | 0.08% | 24.3 | 9.8 | | A stack-based buffer overflow vulnerability in Sharp Display Solutions projectors allows attackers t |
| 2452 | CVE-2025-14700 | 0.08% | 24.4 | 9.9 | | This critical vulnerability in Crafty Controller's Webhook Template component allows authenticated a |
| 2453 | CVE-2025-42880 | 0.08% | 24.3 | 9.9 | | CVE-2025-42880 is a critical remote code execution vulnerability in SAP Solution Manager where authe |
| 2454 | CVE-2026-24306 | 0.08% | 24.5 | 9.8 | | CVE-2026-24306 is an improper access control vulnerability in Azure Front Door that allows unauthori |
| 2455 | CVE-2024-11045 | 0.08% | 24.2 | 9.6 | | A Cross-Site WebSocket Hijacking vulnerability in automatic1111/stable-diffusion-webui version 1.10. |
| 2456 | CVE-2025-47284 | 0.08% | 24.2 | 9.9 | | This vulnerability allows administrative users within a Gardener project to escalate privileges and |
| 2457 | CVE-2025-11126 | 0.08% | 24.1 | 9.8 | | This vulnerability involves hard-coded credentials in the Apeman ID71 system configuration file, all |
| 2458 | CVE-2025-60219 | 0.08% | 24.1 | 10.0 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to servers runn |
| 2459 | CVE-2025-10547 | 0.08% | 24.1 | 9.8 | | An uninitialized variable vulnerability in DrayOS HTTP CGI request processing allows remote attacker |
| 2460 | CVE-2025-64712 | 0.08% | 24.3 | 9.8 | | A path traversal vulnerability in the unstructured library's partition_msg function allows attackers |
| 2461 | CVE-2025-54391 | 0.08% | 24.0 | 9.1 | | This vulnerability in Zimbra Collaboration (ZCS) allows attackers with valid user credentials to byp |
| 2462 | CVE-2025-10392 | 0.08% | 24.1 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Mercury KM08-708H GiGA WiFi |
| 2463 | CVE-2024-32444 | 0.08% | 24.0 | 9.8 | | CVE-2024-32444 is an incorrect privilege assignment vulnerability in the RealHomes WordPress theme t |
| 2464 | CVE-2025-50402 | 0.08% | 24.0 | 9.8 | | The FAST FAC1200R F400_FAC1200R_Q device contains a buffer overflow vulnerability in the password ha |
| 2465 | CVE-2025-50399 | 0.08% | 24.0 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on FAST FAC1200R F400_FAC1200R_ |
| 2466 | CVE-2025-66256 | 0.08% | 24.0 | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary files to Mozart FM Transmitt |
| 2467 | CVE-2025-66250 | 0.08% | 24.0 | 9.8 | | This vulnerability allows unauthenticated attackers to upload arbitrary files to DB Electronica Tele |
| 2468 | CVE-2025-27918 | 0.08% | 24.0 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on AnyDesk clients by sending s |
| 2469 | CVE-2024-27480 | 0.08% | 24.1 | 9.8 | | CVE-2024-27480 is an insecure file upload vulnerability in VvvebJs 1.7.2 that allows attackers to up |
| 2470 | CVE-2024-25182 | 0.08% | 24.1 | 9.8 | | VvvebJs 1.7.2 contains an unrestricted file upload vulnerability in save.php that allows attackers t |
| 2471 | CVE-2025-64663 | 0.08% | 23.9 | 9.9 | | This CVE describes an elevation of privilege vulnerability in Microsoft's Custom Question Answering |
| 2472 | CVE-2024-57035 | 0.08% | 23.7 | 9.8 | | CVE-2024-57035 is a critical SQL injection vulnerability in WeGIA v3.2.0 that allows attackers to ex |
| 2473 | CVE-2024-40446 | 0.08% | 23.8 | 9.8 | | This vulnerability in forkosh Mime Tex allows remote attackers to execute arbitrary code via special |
| 2474 | CVE-2025-47436 | 0.08% | 23.8 | 9.8 | | A heap-based buffer overflow vulnerability in Apache ORC's C++ LZO decompression logic allows attack |
| 2475 | CVE-2023-47297 | 0.08% | 23.8 | 9.8 | | A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arb |
| 2476 | CVE-2025-40600 | 0.08% | 23.7 | 9.8 | | A format string vulnerability in SonicOS SSL VPN interface allows remote unauthenticated attackers t |
| 2477 | CVE-2025-9994 | 0.08% | 23.8 | 9.8 | | The Amp'ed RF BT-AP 111 Bluetooth access point's HTTP admin interface lacks authentication, allowing |
| 2478 | CVE-2024-13994 | 0.08% | 23.8 | 9.8 | | Nagios XI versions before 2024R1.1.2 have a missing authorization vulnerability when 'Allow Insecure |
| 2479 | CVE-2025-62481 | 0.08% | 23.7 | 9.8 | | An unauthenticated remote code execution vulnerability in Oracle Marketing (part of Oracle E-Busines |
| 2480 | CVE-2025-62168 | 0.08% | 23.7 | 10.0 | | Squid caching proxy versions before 7.2 fail to properly redact HTTP authentication credentials in e |
| 2481 | CVE-2025-50433 | 0.08% | 23.9 | 9.8 | | This vulnerability allows attackers to escalate privileges via a crafted password reset mechanism on |
| 2482 | CVE-2026-25938 | 0.08% | 23.9 | 9.8 | | An authentication bypass vulnerability in FUXA web-based SCADA/HMI software allows unauthenticated r |
| 2483 | CVE-2025-45378 | 0.08% | 23.8 | 9.1 | | Dell CloudLink versions 8.0 through 8.1.2 have a vulnerability where privileged users with known pas |
| 2484 | CVE-2025-67165 | 0.08% | 23.7 | 9.8 | | An Insecure Direct Object Reference (IDOR) vulnerability in Pagekit CMS v1.0.18 allows attackers to |
| 2485 | CVE-2026-22908 | 0.08% | 23.8 | 9.1 | | This vulnerability allows remote attackers to gain full system access by uploading unvalidated conta |
| 2486 | CVE-2026-26335 | 0.08% | 23.7 | 9.8 | | This vulnerability allows attackers to achieve remote code execution on Calero VeraSMART servers by |
| 2487 | CVE-2025-48373 | 0.08% | 23.6 | 9.1 | | This vulnerability allows attackers to bypass authentication in the Schule school management system |
| 2488 | CVE-2025-44654 | 0.08% | 23.5 | 9.8 | | This vulnerability in Linksys E2500 routers with vsftpd configuration allows attackers to bypass chr |
| 2489 | CVE-2025-55031 | 0.08% | 23.6 | 9.8 | | This vulnerability in Firefox and Focus for iOS allows malicious web pages to trigger hybrid passkey |
| 2490 | CVE-2025-59503 | 0.08% | 23.5 | 10.0 | | This critical Server-Side Request Forgery (SSRF) vulnerability in Azure Compute Gallery allows unaut |
| 2491 | CVE-2025-63747 | 0.08% | 23.5 | 9.8 | | QaTraq 6.9.2 ships with default administrative credentials that are enabled in fresh installations. |
| 2492 | CVE-2025-13342 | 0.08% | 23.7 | 9.8 | | This vulnerability allows unauthenticated attackers to modify critical WordPress configuration optio |
| 2493 | CVE-2025-59693 | 0.08% | 23.5 | 9.8 | | This vulnerability allows a physically proximate attacker to bypass tamper protection on Entrust har |
| 2494 | CVE-2025-4319 | 0.08% | 23.6 | 9.4 | | This vulnerability allows attackers to perform brute force attacks against user accounts and exploit |
| 2495 | CVE-2025-37184 | 0.08% | 23.5 | 9.8 | | This vulnerability allows unauthenticated remote attackers to bypass multi-factor authentication req |
| 2496 | CVE-2026-25200 | 0.08% | 23.6 | 9.8 | | A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without proper aut |
| 2497 | CVE-2025-48935 | 0.08% | 23.4 | 9.1 | | This vulnerability allows attackers to bypass Deno's permission system for database read/write opera |
| 2498 | CVE-2025-31229 | 0.08% | 23.4 | 9.1 | | This vulnerability allows VoiceOver, Apple's screen reader accessibility feature, to audibly read de |
| 2499 | CVE-2025-29009 | 0.08% | 23.3 | 10.0 | | This vulnerability allows attackers to upload arbitrary files, including web shells, to WooCommerce |
| 2500 | CVE-2025-54738 | 0.08% | 23.3 | 9.8 | | This CVE describes an authentication bypass vulnerability in the NooTheme Jobmonster WordPress theme |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
