Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2551 | CVE-2025-67915 | | 22.6th | 9.8 | | This CVE describes an authentication bypass vulnerability in the Arraytics Timetics WordPress plugin |
| 2552 | CVE-2025-23504 | | 22.6th | 9.8 | | This CVE describes an authentication bypass vulnerability in the RiceTheme Felan Framework WordPress |
| 2553 | CVE-2025-68637 | | 22.6th | 9.1 | | This vulnerability allows attackers to perform Man-in-the-Middle attacks on all REST API communicati |
| 2554 | CVE-2025-64121 | | 22.6th | 9.8 | | An authentication bypass vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows attack |
| 2555 | CVE-2025-49071 | | 22.5th | 10.0 | | This critical vulnerability in the NasaTheme Flozen WordPress theme allows attackers to upload arbit |
| 2556 | CVE-2025-31022 | | 22.4th | 9.8 | | This CVE describes an authentication bypass vulnerability in the PayU India WordPress plugin that al |
| 2557 | CVE-2025-0324 | | 22.5th | 9.4 | | CVE-2025-0324 is a privilege escalation vulnerability in Axis VAPIX Device Configuration framework t |
| 2558 | CVE-2025-43243 | | 22.4th | 9.8 | | A critical permissions bypass vulnerability in macOS allows malicious applications to modify protect |
| 2559 | CVE-2025-43232 | | 22.4th | 9.8 | | This CVE describes a permissions vulnerability in macOS that allows applications to bypass certain P |
| 2560 | CVE-2025-54416 | | 22.4th | 9.1 | | This vulnerability in tj-actions/branch-names GitHub Action allows arbitrary command execution in do |
| 2561 | CVE-2025-42950 | | 22.4th | 9.9 | | CVE-2025-42950 is a critical code injection vulnerability in SAP Landscape Transformation (SLT) that |
| 2562 | CVE-2025-55187 | | 22.5th | 9.9 | | This vulnerability in DriveLock allows attackers to gain elevated privileges, potentially leading to |
| 2563 | CVE-2025-42910 | | 22.5th | 9.0 | | This vulnerability allows authenticated attackers to upload arbitrary files, including malicious exe |
| 2564 | CVE-2025-60306 | | 22.5th | 9.9 | | Simple Car Rental System 1.0 has a session permission bypass vulnerability that allows low-privilege |
| 2565 | CVE-2025-57247 | | 22.4th | 9.1 | | The BATBToken smart contract contains critical access control vulnerabilities in whitelist managemen |
| 2566 | CVE-2025-59390 | | 22.5th | 9.8 | | Apache Druid's Kerberos authenticator uses a weak random fallback secret when cookieSignatureSecret |
| 2567 | CVE-2025-64428 | | 22.5th | 9.8 | | This CVE describes a JNDI injection vulnerability in Dataease, an open-source data visualization too |
| 2568 | CVE-2025-58595 | | 22.5th | 9.1 | | This vulnerability allows attackers to bypass authentication in the WordPress 'All In One Login' plu |
| 2569 | CVE-2025-47928 | | 22.2th | 9.1 | | This CVE describes a GitHub Actions workflow vulnerability in the Spotipy Python library where the p |
| 2570 | CVE-2026-26218 | | 22.2th | 9.8 | | CVE-2026-26218 allows unauthenticated attackers to gain administrative control of newbee-mall applic |
| 2571 | CVE-2025-43198 | | 22.2th | 9.8 | | This vulnerability allows malicious applications to bypass macOS security protections and access sen |
| 2572 | CVE-2025-43192 | | 22.2th | 9.8 | | This CVE describes a configuration bypass vulnerability in macOS that allows account-driven User Enr |
| 2573 | CVE-2025-53102 | | 22.3th | 9.8 | | Discourse versions before 3.4.7 and 3.5.0.beta8 have a session fixation vulnerability in WebAuthn 2F |
| 2574 | CVE-2025-10183 | | 22.3th | 9.1 | | CVE-2025-10183 is a blind XML External Entity (XXE) injection vulnerability in TecCom TecConnect 4.1 |
| 2575 | CVE-2025-55469 | | 22.2th | 9.8 | | CVE-2025-55469 is an incorrect access control vulnerability in youlai-boot v2.21.1 that allows attac |
| 2576 | CVE-2025-62608 | | 22.2th | 9.1 | | CVE-2025-62608 is a heap buffer overflow vulnerability in MLX's load() function when parsing malicio |
| 2577 | CVE-2022-23851 | | 22.2th | 9.8 | | CVE-2022-23851 is a server-side template injection vulnerability in Netaxis API Orchestrator (APIO) |
| 2578 | CVE-2026-24305 | | 22.3th | 9.3 | | This critical vulnerability in Azure Entra ID (formerly Azure Active Directory) allows attackers to |
| 2579 | CVE-2025-26909 | | 22nd | 9.6 | | This vulnerability allows attackers to include arbitrary local files through PHP's include/require s |
| 2580 | CVE-2023-41591 | | 22.1th | 9.8 | | CVE-2023-41591 is an authentication bypass vulnerability in ONOS SDN controller that allows attacker |
| 2581 | CVE-2025-6172 | | 22nd | 9.8 | | This CVE describes a permission vulnerability in the BoomPlayer mobile application that allows unaut |
| 2582 | CVE-2025-53964 | | 22.1th | 9.6 | | GoldenDict 1.5.0 and 1.5.1 contain an exposed dangerous method that allows arbitrary file read and w |
| 2583 | CVE-2024-9342 | | 22nd | 9.8 | | CVE-2024-9342 allows attackers to perform unlimited brute-force login attempts against Eclipse Glass |
| 2584 | CVE-2025-59937 | | 22nd | 9.1 | | The go-mail library versions 0.7.0 and below incorrectly handle mail.Address values when passed to S |
| 2585 | CVE-2025-57119 | | 22.1th | 9.8 | | This vulnerability in Online Library Management System v3.0 allows attackers to escalate privileges |
| 2586 | CVE-2025-12049 | | 22nd | 9.8 | | CVE-2025-12049 is a critical authentication bypass vulnerability in Sharp Display Solutions Media Pl |
| 2587 | CVE-2025-67791 | | 22nd | 9.8 | | An authentication misconfiguration in DriveLock Enterprise Service (DES) allows attackers to imperso |
| 2588 | CVE-2025-11786 | | 22nd | 9.8 | | This CVE describes a critical stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE- |
| 2589 | CVE-2025-11785 | | 22nd | 9.8 | | A stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 allows remote code exe |
| 2590 | CVE-2025-11784 | | 22nd | 9.8 | | This CVE describes a critical stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE- |
| 2591 | CVE-2025-13375 | | 22.1th | 9.8 | | CVE-2025-13375 is a critical vulnerability in IBM Common Cryptographic Architecture (CCA) that allow |
| 2592 | CVE-2026-1453 | | 22nd | 9.8 | | An unauthenticated attacker can create or delete administrator accounts on KiloView Encoder Series d |
| 2593 | CVE-2024-52975 | | 21.9th | 9.0 | | Fleet Server logs sensitive information from Fleet policies at INFO and ERROR log levels, potentiall |
| 2594 | CVE-2025-40912 | | 21.9th | 9.8 | | CryptX for Perl versions before 0.065 contains a vulnerable embedded tomcrypt library that may be su |
| 2595 | CVE-2025-32291 | | 21.9th | 10.0 | | This vulnerability allows attackers to upload malicious files to WordPress sites running the SUMO Af |
| 2596 | CVE-2025-27214 | | 21.8th | 9.8 | | A Missing Authentication for Critical Function vulnerability in UniFi Connect EV Station Pro allows |
| 2597 | CVE-2025-55306 | | 21.8th | 9.8 | | This vulnerability in GenX_FX trading platform exposes API keys and authentication tokens due to mis |
| 2598 | CVE-2025-8284 | | 21.8th | 9.8 | | CVE-2025-8284 is a critical authentication bypass vulnerability in Packet Power Monitoring and Contr |
| 2599 | CVE-2025-58768 | | 21.8th | 9.6 | | This vulnerability in DeepChat's Mermaid chart rendering component allows cross-site scripting (XSS) |
| 2600 | CVE-2025-60355 | | 21.7th | 9.8 | | CVE-2025-60355 is a critical Server-Side Template Injection (SSTI) vulnerability in zhangyd-c OneBlo |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.