Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 2601 | CVE-2025-56643 | | 21.8th | 9.1 | | Wiki.js 2.5.307 has a critical authentication flaw where JWT tokens remain valid after logout, allow |
| 2602 | CVE-2025-65482 | | 21.9th | 9.8 | | An XML External Entity (XXE) vulnerability in opensagres XDocReport versions 0.9.2 through 2.0.3 all |
| 2603 | CVE-2024-55193 | | 21.5th | 9.8 | | CVE-2024-55193 is a NULL pointer dereference vulnerability in OpenImageIO's string_view.h component |
| 2604 | CVE-2025-49794 | | 21.6th | 9.1 | | A use-after-free vulnerability in libxml2 allows attackers to crash applications or cause undefined |
| 2605 | CVE-2025-54428 | | 21.5th | 9.8 | | This CVE involves accidental exposure of a MongoDB Atlas database connection string containing crede |
| 2606 | CVE-2025-53644 | | 21.7th | 9.8 | | OpenCV versions 4.10.0 and 4.11.0 contain an uninitialized pointer vulnerability (CWE-457) that allo |
| 2607 | CVE-2025-57754 | | 21.5th | 9.8 | | The eslint-ban-moment ESLint plugin versions 3.0.0 and earlier expose a sensitive Supabase URI with |
| 2608 | CVE-2025-55213 | | 21.6th | 9.8 | | OpenFGA versions 1.9.3 to 1.9.4 contain an improper policy enforcement vulnerability in Check and Li |
| 2609 | CVE-2025-44963 | | 21.6th | 9.0 | | CVE-2025-44963 allows attackers to forge administrator JSON Web Tokens (JWTs) in RUCKUS Network Dire |
| 2610 | CVE-2025-59434 | | 21.5th | 9.6 | | An authenticated vulnerability in Flowise Cloud allowed free-tier users to access sensitive environm |
| 2611 | CVE-2025-54469 | | 21.6th | 9.9 | | This CVE describes a command injection vulnerability in NeuVector's enforcer container where environ |
| 2612 | CVE-2025-62023 | | 21.7th | 9.8 | | This CVE describes a critical remote code execution vulnerability in the s2Member WordPress plugin. |
| 2613 | CVE-2025-60206 | | 21.7th | 10.0 | | This critical vulnerability in the Alone WordPress theme allows remote attackers to execute arbitrar |
| 2614 | CVE-2025-42887 | | 21.6th | 9.9 | | CVE-2025-42887 is a critical code injection vulnerability in SAP Solution Manager that allows authen |
| 2615 | CVE-2025-49372 | | 21.7th | 10.0 | | This critical vulnerability in VillaTheme's HAPPY helpdesk support ticket system for WordPress allow |
| 2616 | CVE-2025-47588 | | 21.7th | 9.8 | | This CVE-2025-47588 is a critical code injection vulnerability in the Dynamic Pricing With Discount |
| 2617 | CVE-2025-65823 | | 21.6th | 9.8 | | The Meatmeet Pro device contains hardcoded Wi-Fi credentials in its firmware, allowing attackers to |
| 2618 | CVE-2025-14324 | | 21.7th | 9.8 | | A critical JIT miscompilation vulnerability in Firefox's JavaScript engine allows arbitrary code exe |
| 2619 | CVE-2025-65267 | | 21.6th | 9.0 | | This vulnerability allows attackers to upload malicious SVG avatar images containing JavaScript payl |
| 2620 | CVE-2026-24304 | | 21.6th | 9.9 | | This critical vulnerability in Azure Resource Manager allows authenticated attackers to escalate pri |
| 2621 | CVE-2026-23722 | | 21.7th | 9.1 | | This is a reflected cross-site scripting (XSS) vulnerability in WeGIA web management software that a |
| 2622 | CVE-2026-0879 | | 21.6th | 9.8 | | This CVE describes a sandbox escape vulnerability in the Graphics component of Mozilla products due |
| 2623 | CVE-2024-7760 | | 21.4th | 9.6 | | Aim version 3.22.0 has overly permissive CORS settings that allow cross-origin requests from any dom |
| 2624 | CVE-2023-49641 | | 21.3th | 9.8 | | Billing Software v1.0 contains unauthenticated SQL injection vulnerabilities in the loginCheck.php f |
| 2625 | CVE-2025-4052 | | 21.5th | 9.8 | | This vulnerability in Chrome DevTools allows attackers to bypass discretionary access control by tri |
| 2626 | CVE-2025-43275 | | 21.2th | 9.8 | | A race condition vulnerability in macOS allows malicious applications to escape their sandbox restri |
| 2627 | CVE-2025-30026 | | 21.4th | 9.8 | | CVE-2025-30026 is an authentication bypass vulnerability in AXIS Camera Station Server that allows a |
| 2628 | CVE-2025-36157 | | 21.3th | 9.8 | | This vulnerability allows unauthenticated remote attackers to modify server property files in IBM Ja |
| 2629 | CVE-2025-48148 | | 21.2th | 10.0 | | This vulnerability allows attackers to upload malicious files to WordPress sites using the StoreKeep |
| 2630 | CVE-2025-56795 | | 21.2th | 9.0 | | CVE-2025-56795 is a stored cross-site scripting vulnerability in Mealie recipe management software. |
| 2631 | CVE-2025-48006 | | 21.2th | 9.1 | | This XXE vulnerability in DataSpider Servista allows attackers to read arbitrary files from the serv |
| 2632 | CVE-2025-42922 | | 21.5th | 9.9 | | This critical vulnerability in SAP NetWeaver AS Java allows authenticated non-administrative users t |
| 2633 | CVE-2025-62583 | | 21.4th | 9.8 | | This vulnerability in Whale Browser allows attackers to escape iframe sandbox restrictions in dual-t |
| 2634 | CVE-2025-11782 | | 21.2th | 9.8 | | A stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 allows remote code exe |
| 2635 | CVE-2026-0884 | | 21.2th | 9.8 | | A use-after-free vulnerability in the JavaScript Engine component allows attackers to execute arbitr |
| 2636 | CVE-2025-64419 | | 21.2th | 9.6 | | This vulnerability allows remote command execution as root on Coolify instances when users create ap |
| 2637 | CVE-2025-49709 | | 21.1th | 9.8 | | This vulnerability in Firefox allows memory corruption through certain canvas operations, potentiall |
| 2638 | CVE-2025-7458 | | 21.2th | 9.1 | | An integer overflow vulnerability in SQLite's sqlite3KeyInfoFromExprList function allows attackers w |
| 2639 | CVE-2025-31255 | | 21.1th | 9.8 | | This CVE describes an authorization bypass vulnerability in Apple operating systems that allows mali |
| 2640 | CVE-2025-57118 | | 21.2th | 9.8 | | This vulnerability in PHPGurukul Online Library Management System v3.0 allows attackers to escalate |
| 2641 | CVE-2026-25809 | | 21.1th | 9.8 | | This vulnerability in PlaciPy version 1.0.0 allows attackers to execute code evaluation outside of i |
| 2642 | CVE-2025-15113 | | 21.2th | 9.3 | | Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint that allows a |
| 2643 | CVE-2025-66589 | | 21.1th | 9.1 | | An out-of-bounds read vulnerability in AzeoTech DAQFactory allows attackers to read memory beyond al |
| 2644 | CVE-2026-24736 | | 21.0th | 9.1 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Squidex's webhook functiona |
| 2645 | CVE-2026-25544 | | 21.0th | 9.8 | | This is a critical SQL injection vulnerability in Payload CMS versions before 3.73.0 that allows una |
| 2646 | CVE-2025-24201 | | 20.9th | 10.0 | KEV | This critical vulnerability allows malicious web content to break out of the Web Content sandbox via |
| 2647 | CVE-2025-46608 | | 20.8th | 9.1 | | Dell Data Lakehouse versions before 1.6.0.0 have an improper access control vulnerability that allow |
| 2648 | CVE-2025-69201 | | 20.8th | 9.8 | | CVE-2025-69201 is a command injection vulnerability in Tugtainer's agent API that allows attackers t |
| 2649 | CVE-2026-22778 | | 20.9th | 9.8 | | This vulnerability in vLLM allows attackers to leak heap memory addresses by sending invalid images |
| 2650 | CVE-2025-23016 | | 20.6th | 9.3 | | CVE-2025-23016 is an integer overflow vulnerability in FastCGI fcgi2 library versions 2.x through 2. |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it the better input for deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. Two caveats apply in practice: EPSS is a prediction, so a CVE on CISA's Known Exploited Vulnerabilities catalog (the KEV flag in the table above) is confirmed exploited and should outrank any predicted score; and EPSS knows nothing about your environment, so it belongs alongside asset criticality and exposure, not in place of them.
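The prioritization rule described above, as an added example that is not part of this page or of FIRST's tooling. It assumes the documented JSON shape of the FIRST EPSS API (https://api.first.org/data/v1/epss, with "cve", "epss" and "percentile" fields returned as strings) and takes the KEV flag and CVSS values from the table. The CVE ids are from the table, but the epss and percentile numbers in the sample response are constructed placeholders chosen to exercise the ranking, not the published scores for those CVEs.

```python
"""Rank findings by exploit likelihood (EPSS) rather than by severity alone.

Added example, not code from this page or from FIRST. Assumes the FIRST
EPSS API JSON shape; the sample scores below are constructed placeholders.
"""
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    epss: float        # probability of exploitation within 30 days, 0..1
    percentile: float  # fraction of scored CVEs with a lower EPSS, 0..1
    kev: bool = False  # on the CISA Known Exploited Vulnerabilities catalog


def parse_epss_response(body: str) -> dict[str, tuple[float, float]]:
    """Map CVE id -> (epss, percentile) from an EPSS API JSON document.

    The API returns epss and percentile as decimal strings; convert them
    here so nothing downstream compares "0.9" against "0.10" as text.
    """
    doc = json.loads(body)
    if doc.get("status") != "OK":
        raise ValueError(f"EPSS query failed: {doc.get('status')!r}")
    return {
        row["cve"]: (float(row["epss"]), float(row["percentile"]))
        for row in doc["data"]
    }


def priority_key(f: Finding):
    # KEV means exploitation is confirmed, which beats any prediction;
    # then order by EPSS probability; CVSS only breaks ties.
    return (not f.kev, -f.epss, -f.cvss)


def prioritize(findings):
    return sorted(findings, key=priority_key)


def triage(f: Finding, epss_floor: float = 0.10, cvss_floor: float = 7.0) -> str:
    """'patch-now' when exploitation is confirmed or likely; otherwise gate on CVSS.

    The thresholds are assumptions for illustration, not values from the page.
    """
    if f.kev or f.epss >= epss_floor:
        return "patch-now"
    if f.cvss >= cvss_floor:
        return "scheduled"
    return "backlog"


# Constructed API response. CVE ids come from the table above; the epss and
# percentile values are placeholders, NOT the published EPSS scores.
SAMPLE_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-24201", "epss": "0.420", "percentile": "0.975", "date": "2026-01-01"},
        {"cve": "CVE-2025-44963", "epss": "0.600", "percentile": "0.980", "date": "2026-01-01"},
        {"cve": "CVE-2025-14324", "epss": "0.001", "percentile": "0.200", "date": "2026-01-01"},
        {"cve": "CVE-2025-23016", "epss": "0.120", "percentile": "0.940", "date": "2026-01-01"},
    ],
})

# CVSS scores and the KEV flag as shown in the table.
CVSS = {"CVE-2025-24201": 10.0, "CVE-2025-44963": 9.0,
        "CVE-2025-14324": 9.8, "CVE-2025-23016": 9.3}
KEV = {"CVE-2025-24201"}


def build_findings(body: str = SAMPLE_RESPONSE):
    scores = parse_epss_response(body)
    return [Finding(cve, CVSS[cve], epss, pct, cve in KEV)
            for cve, (epss, pct) in scores.items()]


def ranked_ids(body: str = SAMPLE_RESPONSE):
    """CVE ids in patch order: KEV first, then highest EPSS, then CVSS."""
    return [f.cve for f in prioritize(build_findings(body))]


if __name__ == "__main__":
    for f in prioritize(build_findings()):
        flag = "KEV" if f.kev else "   "
        print(f"{f.cve:15} CVSS {f.cvss:4}  EPSS {f.epss:.3f} "
              f"({f.percentile:.0%}) {flag} -> {triage(f)}")
```

With the constructed scores, the CVSS 9.8 Firefox entry drops to the bottom of the list because its predicted exploitation probability is 0.1%, while the CVSS 9.0 RUCKUS entry with 60% EPSS moves up, and the KEV-flagged entry stays on top regardless of its score. Swap SAMPLE_RESPONSE for the body returned by a real query of the FIRST API to run this against live data.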