Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2501 | CVE-2024-56253 | | 31.6th | 5.4 | | This CVE describes a Missing Authorization vulnerability in the Data Tables Generator by Supsystic W |
| 2502 | CVE-2025-26995 | | 31.6th | 5.4 | | CVE-2025-26995 is a missing authorization vulnerability in the Market Exporter WordPress plugin that |
| 2503 | CVE-2025-27356 | | 31.6th | 5.4 | | This CVE describes a missing authorization vulnerability in the WordPress Sticky Header On Scroll pl |
| 2504 | CVE-2025-25110 | | 31.6th | 5.4 | | This CVE describes a missing authorization vulnerability in the Metagauss Event Kikfyre WordPress pl |
| 2505 | CVE-2025-22696 | | 31.6th | 5.4 | | This CVE describes a missing authorization vulnerability in the WordPress EmbedPress Document Block |
| 2506 | CVE-2025-1558 | | 31.7th | 6.5 | | Mattermost Mobile Apps versions up to 2.25.0 contain a GIF validation vulnerability that allows atta |
| 2507 | CVE-2025-1057 | | 31.7th | 4.3 | | A type compatibility issue in Keylime versions 7.12.0 prevents the registrar from reading agent regi |
| 2508 | CVE-2025-28938 | | 31.6th | 4.3 | | This CVE describes a missing authorization vulnerability in the WP Performance Pack WordPress plugin |
| 2509 | CVE-2025-24521 | | 31.6th | 4.9 | | This CVE describes an XML External Entity (XXE) injection vulnerability that allows attackers to rea |
| 2510 | CVE-2025-1704 | | 31.7th | 6.5 | | This vulnerability in ChromeOS ComponentInstaller allows enrolled users with physical access to unen |
| 2511 | CVE-2025-3276 | | 31.6th | 6.4 | | This stored XSS vulnerability in the SKT Blocks WordPress plugin allows authenticated attackers with |
| 2512 | CVE-2024-9416 | | 31.6th | 6.4 | | The Modula Image Gallery WordPress plugin (versions ≤5.0.36) contains a stored cross-site scriptin |
| 2513 | CVE-2025-3943 | | 31.7th | 4.1 | | This vulnerability in Tridium Niagara Framework and Enterprise Security allows attackers to inject p |
| 2514 | CVE-2023-28911 | | 31.7th | 6.5 | | This vulnerability in the Bluetooth stack of MIB3 infotainment systems allows attackers to disconnec |
| 2515 | CVE-2024-57189 | | 31.6th | 5.4 | | This vulnerability allows authenticated attackers to write arbitrary files on the system via path tr |
| 2516 | CVE-2025-58132 | | 31.6th | 4.1 | | This CVE describes a command injection vulnerability in Zoom Clients for Windows that allows authent |
| 2517 | CVE-2025-59454 | | 31.7th | 4.3 | | This CVE describes an information disclosure vulnerability in Apache CloudStack where authorized use |
| 2518 | CVE-2025-14546 | | 31.6th | 6.3 | | This CSRF vulnerability in fastapi-sso allows attackers to link their OAuth accounts to victims' int |
| 2519 | CVE-2025-67845 | | 31.6th | 6.4 | | A directory traversal vulnerability in Mintlify Platform's static asset proxy endpoint allows attack |
| 2520 | CVE-2025-68388 | | 31.7th | 5.3 | | This vulnerability in Packetbeat allows unauthenticated remote attackers to send malicious IPv4 frag |
| 2521 | CVE-2025-9207 | | 31.6th | 5.3 | | The TI WooCommerce Wishlist plugin for WordPress is vulnerable to HTML injection, allowing unauthent |
| 2522 | CVE-2025-24733 | | 31.5th | 6.5 | | This CVE describes a PHP Local File Inclusion vulnerability in the Post Grid Master WordPress plugin |
| 2523 | CVE-2025-21278 | | 31.5th | 6.2 | | This vulnerability in Windows Remote Desktop Gateway allows attackers to cause a denial of service b |
| 2524 | CVE-2024-13247 | | 31.6th | 4.8 | | This vulnerability allows attackers to inject malicious scripts into web pages generated by Drupal C |
| 2525 | CVE-2025-46338 | | 31.5th | 6.1 | | Audiobookshelf versions before 2.21.0 contain a reflected cross-site scripting (XSS) vulnerability i |
| 2526 | CVE-2025-1456 | | 31.5th | 6.4 | | This stored XSS vulnerability in the Royal Elementor Addons WordPress plugin allows authenticated at |
| 2527 | CVE-2025-31726 | | 31.5th | 5.5 | | The Jenkins Stack Hammer Plugin 1.0.6 and earlier stores API keys unencrypted in job configuration f |
| 2528 | CVE-2025-4268 | | 31.5th | 5.3 | | This vulnerability allows unauthenticated remote attackers to reboot TOTOLINK A720R routers by acces |
| 2529 | CVE-2025-5813 | | 31.5th | 5.3 | | The Amazon Products to WooCommerce WordPress plugin has an authentication bypass vulnerability that |
| 2530 | CVE-2025-6282 | | 31.5th | 5.5 | | This critical path traversal vulnerability in OpenAgents allows attackers to access arbitrary files |
| 2531 | CVE-2025-6280 | | 31.5th | 5.5 | | This critical vulnerability in TransformerOptimus SuperAGI allows attackers to perform path traversa |
| 2532 | CVE-2025-6278 | | 31.5th | 5.5 | | This critical vulnerability in Upsonic allows attackers to perform path traversal attacks by manipul |
| 2533 | CVE-2025-40593 | | 31.5th | 6.5 | | This vulnerability in Siemens SIMATIC CN 4100 allows attackers to store arbitrary files in the devic |
| 2534 | CVE-2025-55585 | | 31.5th | 6.5 | | This CVE describes an eval injection vulnerability in TOTOLINK A3002R routers that allows attackers |
| 2535 | CVE-2025-20225 | | 31.5th | 5.8 | | An unauthenticated remote attacker can send crafted IKEv2 packets to trigger a memory leak in affect |
| 2536 | CVE-2025-29084 | | 31.5th | 6.5 | | This SQL injection vulnerability in CSZ-CMS v1.3.0 allows remote attackers to execute arbitrary SQL |
| 2537 | CVE-2025-54247 | | 31.5th | 6.5 | | Adobe Experience Manager versions 6.5.23.0 and earlier contain an improper input validation vulnerab |
| 2538 | CVE-2021-47830 | | 31.5th | 6.5 | | CVE-2021-47830 is a CSRF vulnerability in GetSimple CMS My SMTP Contact Plugin 1.1.1 that allows att |
| 2539 | CVE-2024-43763 | | 31.4th | 6.5 | | This CVE describes a logic error in Android's Bluetooth GATT server component that allows nearby att |
| 2540 | CVE-2025-0558 | | 31.4th | 6.3 | | This critical SQL injection vulnerability in TDuckCloud tduck-platform allows remote attackers to ex |
| 2541 | CVE-2024-52594 | | 31.3th | 4.3 | | Gomatrixserverlib, a Go library for Matrix federation, is vulnerable to server-side request forgery |
| 2542 | CVE-2025-23112 | | 31.3th | 6.1 | | A stored cross-site scripting (XSS) vulnerability in REDCap 14.9.6 allows authenticated users to inj |
| 2543 | CVE-2024-56114 | | 31.3th | 6.5 | | CVE-2024-56114 is an improper authorization vulnerability in Canlineapp Online 1.1 that allows users |
| 2544 | CVE-2025-26308 | | 31.3th | 6.5 | | A memory leak vulnerability in libming's SWF file parser allows attackers to cause denial of service |
| 2545 | CVE-2025-26306 | | 31.3th | 6.5 | | A memory leak vulnerability in libming's readSizedString function allows attackers to cause denial o |
| 2546 | CVE-2025-0866 | | 31.3th | 6.5 | | The Legoeso PDF Manager WordPress plugin contains a time-based SQL injection vulnerability in the 'c |
| 2547 | CVE-2022-40490 | | 31.3th | 4.8 | | CVE-2022-40490 is a Cross-Site Scripting (XSS) vulnerability in Tiny File Manager v2.4.7 and below t |
| 2548 | CVE-2025-2662 | | 31.3th | 6.3 | | This critical SQL injection vulnerability in Project Worlds Online Time Table Generator 1.0 allows a |
| 2549 | CVE-2024-13924 | | 31.4th | 5.3 | | The Starter Templates by FancyWP WordPress plugin has a blind SSRF vulnerability that allows unauthe |
| 2550 | CVE-2024-31397 | | 31.3th | 4.9 | | An improper handling of extra values vulnerability in Cybozu Garoon allows authenticated administrat |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.