Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2601 | CVE-2025-0593 | | 64.4th | 8.8 | | This vulnerability allows remote attackers with low privileges to execute arbitrary shell commands o |
| 2602 | CVE-2025-64717 | | 64.4th | 9.8 | | This vulnerability in ZITADEL identity management platform allows unauthenticated attackers to bypas |
| 2603 | CVE-2025-14850 | | 64.4th | 8.1 | | Advantech WebAccess/SCADA is vulnerable to directory traversal that allows attackers to delete arbit |
| 2604 | CVE-2025-13426 | | 64.4th | N/A | | This vulnerability in Google Apigee's JavaCallout policy allows attackers to inject malicious Java o |
| 2605 | CVE-2024-13520 | | 64.3th | 5.3 | | This vulnerability allows unauthenticated attackers to modify gift voucher values, expiration dates, |
| 2606 | CVE-2025-3015 | | 64.3th | 6.3 | | This critical vulnerability in Assimp's ASE file handler allows remote attackers to trigger out-of-b |
| 2607 | CVE-2025-2804 | | 64.3th | 6.1 | | This reflected cross-site scripting vulnerability in the tagDiv Composer WordPress plugin allows una |
| 2608 | CVE-2025-2269 | | 64.3th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts via the 'image_id' p |
| 2609 | CVE-2025-32158 | | 64.3th | 7.5 | | This vulnerability allows attackers to include arbitrary PHP files from remote servers in the aTheme |
| 2610 | CVE-2025-21177 | | 64.3th | 8.7 | | This Server-Side Request Forgery vulnerability in Microsoft Dynamics 365 Sales allows authenticated |
| 2611 | CVE-2025-4981 | | 64.2th | 9.9 | | This vulnerability allows authenticated Mattermost users to write files to arbitrary locations on th |
| 2612 | CVE-2025-11673 | | 64.2th | 7.2 | | SOOP-CLM software from PiExtract contains hidden functionality that privileged remote attackers can |
| 2613 | CVE-2024-57660 | | 64.2th | 7.5 | | A SQL injection vulnerability in the sqlo_expand_jts component of OpenLink Virtuoso Open Source allo |
| 2614 | CVE-2024-52892 | | 64.2th | 6.1 | | IBM Jazz for Service Management versions 1.1.3 through 1.1.3.23 contain a cross-site scripting (XSS) |
| 2615 | CVE-2025-32799 | | 64.2th | 9.8 | | CVE-2025-32799 is a path traversal vulnerability in conda-build that allows attackers to write files |
| 2616 | CVE-2025-34328 | | 64.2th | 9.8 | | This critical vulnerability allows unauthenticated remote attackers to upload arbitrary files and ex |
| 2617 | CVE-2025-34394 | | 64.2th | 9.8 | | Barracuda Service Center in the RMM solution prior to version 2025.1.1 exposes a .NET Remoting servi |
| 2618 | CVE-2025-34393 | | 64.2th | 9.8 | | This vulnerability in Barracuda Service Center allows attackers to execute arbitrary code remotely b |
| 2619 | CVE-2024-12086 | | 64.2th | 6.1 | | This rsync vulnerability allows a malicious server to read arbitrary files from a client's machine d |
| 2620 | CVE-2025-43844 | | 64.1th | 9.8 | | CVE-2025-43844 is a critical command injection vulnerability in Retrieval-based-Voice-Conversion-Web |
| 2621 | CVE-2025-68952 | | 64.1th | 9.8 | | Eigent multi-agent Workforce version 0.0.60 contains a 1-click Remote Code Execution vulnerability t |
| 2622 | CVE-2024-52006 | | 64.1th | 7.5 | | This vulnerability allows attackers to inject malicious commands into Git credential helpers by expl |
| 2623 | CVE-2025-47981 | | 64.1th | 9.8 | | A heap-based buffer overflow vulnerability in Windows SPNEGO Extended Negotiation allows unauthentic |
| 2624 | CVE-2025-56083 | | 64.1th | 8.8 | | This CVE describes an OS command injection vulnerability in Ruijie X30-PRO routers that allows attac |
| 2625 | CVE-2025-63213 | | 64.1th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary commands with root privileges on QVi |
| 2626 | CVE-2023-53968 | | 64.1th | 9.8 | | This authentication bypass vulnerability in Screen SFT DAB 600/C firmware allows attackers to delete |
| 2627 | CVE-2025-1059 | | 64th | 7.5 | | A resource allocation vulnerability in Schneider Electric devices allows attackers to send malicious |
| 2628 | CVE-2025-2714 | | 64th | 4.3 | | This vulnerability in JoomlaUX JUX Real Estate 3.4.0 allows attackers to inject malicious scripts vi |
| 2629 | CVE-2025-32581 | | 64th | 7.1 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Spam Blocker plugin allows att |
| 2630 | CVE-2023-7334 | | 64.1th | 9.8 | | This CVE describes a critical .NET deserialization vulnerability in Changjetong T+ software that all |
| 2631 | CVE-2025-64424 | | 64th | 8.8 | | A command injection vulnerability in Coolify allows low-privileged users (members) to execute arbitr |
| 2632 | CVE-2025-21185 | | 64th | 6.5 | | This vulnerability in Microsoft Edge allows attackers to gain elevated privileges on affected system |
| 2633 | CVE-2025-22599 | | 64th | 6.5 | | A reflected cross-site scripting (XSS) vulnerability exists in WeGIA's home.php endpoint via the msg |
| 2634 | CVE-2025-1127 | | 64th | 9.1 | | This CVE-2025-1127 vulnerability allows attackers to execute arbitrary code as an unprivileged user |
| 2635 | CVE-2025-30737 | | 64th | 5.7 | | This vulnerability in Oracle Smart View for Office allows high-privileged attackers with network acc |
| 2636 | CVE-2025-21601 | | 64th | 7.5 | | An unauthenticated attacker can send specially crafted network traffic to Juniper devices to cause C |
| 2637 | CVE-2025-64764 | | 64th | 7.1 | | A reflected cross-site scripting (XSS) vulnerability exists in Astro web framework when using server |
| 2638 | CVE-2025-53477 | | 64th | 7.5 | | A NULL pointer dereference vulnerability in Apache NimBLE's Bluetooth stack occurs when HCI connecti |
| 2639 | CVE-2025-21397 | | 63.9th | 7.8 | | This vulnerability allows remote code execution through specially crafted Microsoft Office documents |
| 2640 | CVE-2025-21394 | | 63.9th | 7.8 | | This vulnerability allows remote code execution through specially crafted Excel files. Attackers cou |
| 2641 | CVE-2025-21381 | | 63.9th | 7.8 | | Microsoft Excel contains a remote code execution vulnerability that allows attackers to execute arbi |
| 2642 | CVE-2024-9639 | | 63.9th | 8.0 | | This vulnerability allows remote code execution if an attacker obtains session administrator credent |
| 2643 | CVE-2025-3844 | | 63.9th | 9.8 | | The PeproDev Ultimate Profile Solutions WordPress plugin has an authentication bypass vulnerability |
| 2644 | CVE-2025-34231 | | 63.9th | 8.6 | | This CVE describes an unauthenticated server-side request forgery (SSRF) vulnerability in Vasion Pri |
| 2645 | CVE-2025-36072 | | 63.9th | 8.8 | | This vulnerability in IBM webMethods Integration allows authenticated users to execute arbitrary cod |
| 2646 | CVE-2025-66631 | | 63.9th | N/A | | CVE-2025-66631 is a remote code execution vulnerability in CSLA .NET framework versions 5.5.4 and be |
| 2647 | CVE-2025-2993 | | 63.9th | 5.3 | | This critical vulnerability in Tenda FH1202 routers allows improper access controls through manipula |
| 2648 | CVE-2024-50631 | | 63.9th | 7.5 | | This SQL injection vulnerability in Synology Drive Server's system syncing daemon allows remote atta |
| 2649 | CVE-2023-42970 | | 63.9th | 8.8 | | This CVE describes a use-after-free vulnerability in Apple's WebKit browser engine that could allow |
| 2650 | CVE-2025-41714 | | 63.9th | 8.8 | | This vulnerability allows authenticated attackers to perform path traversal attacks via the 'Upload- |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS.