Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary |
|------|--------|------------|------------|------|---------|
| 2751 | CVE-2025-15102 | 0.06% | 19.4th | 9.1 | CVE-2025-15102 is a password protection bypass vulnerability in Delta Electronics DVP-12SE11T PLC mo |
| 2752 | CVE-2025-58935 | 0.06% | 19.4th | 9.8 | This vulnerability allows attackers to include local files on the server through improper filename c |
| 2753 | CVE-2021-47731 | 0.06% | 19.5th | 9.8 | Selea Targa IP OCR-ANPR cameras contain a hidden developer backdoor page accessible with hard-coded |
| 2754 | CVE-2025-67504 | 0.06% | 19.5th | 9.1 | WBCE CMS versions 1.6.4 and below use PHP's non-cryptographically secure rand() function to generate |
| 2755 | CVE-2025-11788 | 0.06% | 19.6th | 9.8 | A heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 allows remote code exec |
| 2756 | CVE-2025-11780 | 0.06% | 19.6th | 9.8 | This CVE describes a critical stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE- |
| 2757 | CVE-2025-68015 | 0.06% | 19.4th | 9.0 | This CVE describes a code injection vulnerability in the Vollstart Event Tickets with Ticket Scanner |
| 2758 | CVE-2026-25587 | 0.06% | 19.4th | 10.0 | CVE-2026-25587 is a critical sandbox escape vulnerability in SandboxJS library versions before 0.8.2 |
| 2759 | CVE-2026-25586 | 0.06% | 19.4th | 10.0 | This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac |
| 2760 | CVE-2026-24002 | 0.06% | 19.4th | 9.0 | This vulnerability allows arbitrary code execution on Grist servers when using the pyodide sandbox f |
| 2761 | CVE-2025-52553 | 0.06% | 19.1th | 9.6 | This vulnerability in authentik allows session hijacking through Remote Access Control (RAC) tokens. |
| 2762 | CVE-2025-40711 | 0.06% | 19.3th | 9.8 | A critical SQL injection vulnerability in Quiter Gateway allows attackers to manipulate database ope |
| 2763 | CVE-2025-53599 | 0.06% | 19.2th | 9.8 | This vulnerability allows attackers to execute malicious JavaScript code in Whale browser for iOS by |
| 2764 | CVE-2025-43027 | 0.06% | 19.3th | 9.8 | A critical vulnerability in the ALPR Manager role of Genetec Security Center allows attackers to gai |
| 2765 | CVE-2025-62944 | 0.06% | 19.3th | 9.8 | This CVE describes a Missing Authorization vulnerability in the MSTW CSV EXPORTER WordPress plugin t |
| 2766 | CVE-2025-62906 | 0.06% | 19.3th | 9.8 | This CVE describes a Missing Authorization vulnerability in the Referral Link Tracker WordPress plug |
| 2767 | CVE-2025-60220 | 0.06% | 19.3th | 9.8 | This vulnerability allows attackers to escalate privileges in the CouponXxL WordPress theme due to i |
| 2768 | CVE-2025-60316 | 0.06% | 19.3th | 9.4 | This vulnerability allows attackers to execute arbitrary SQL commands through the ID parameter in ad |
| 2769 | CVE-2025-41346 | 0.06% | 19.3th | 9.8 | CVE-2025-41346 is an authorization bypass vulnerability in WinPlus v24.11.27 that allows attackers t |
| 2770 | CVE-2025-6325 | 0.06% | 19.3th | 9.8 | This vulnerability allows attackers to escalate privileges in WordPress sites using the King Addons |
| 2771 | CVE-2025-66072 | 0.06% | 19.3th | 9.8 | This CVE describes a missing authorization vulnerability in the UsersWP WordPress plugin that allows |
| 2772 | CVE-2025-60243 | 0.06% | 19.3th | 9.8 | This vulnerability allows attackers to gain higher privileges than intended in the Selling Commander |
| 2773 | CVE-2025-60195 | 0.06% | 19.3th | 9.8 | This vulnerability allows attackers to escalate privileges in the Atarim Visual Collaboration WordPr |
| 2774 | CVE-2025-58627 | 0.06% | 19.3th | 9.8 | This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the Miraculous Core W |
| 2775 | CVE-2025-34449 | 0.06% | 19.3th | 9.1 | A buffer overflow vulnerability in scrcpy allows a compromised Android device to send crafted messag |
| 2776 | CVE-2025-66078 | 0.06% | 19.3th | 9.1 | This vulnerability allows remote attackers to execute arbitrary code on WordPress sites running the |
| 2777 | CVE-2025-27019 | 0.06% | 19.3th | 9.8 | This critical vulnerability in Infinera MTC-9's remote shell service allows unauthenticated attacker |
| 2778 | CVE-2025-68669 | 0.06% | 19.4th | 9.6 | This CVE describes a remote code execution vulnerability in the 5ire AI assistant desktop applicatio |
| 2779 | CVE-2025-25763 | 0.06% | 18.8th | 9.8 | CVE-2025-25763 is a SQL injection vulnerability in crmeb CRMEB-KY software that allows attackers to |
| 2780 | CVE-2025-48057 | 0.06% | 19th | 9.8 | A certificate validation vulnerability in Icinga 2 allows attackers to obtain valid certificates by |
| 2781 | CVE-2025-47682 | 0.06% | 19th | 9.3 | This SQL injection vulnerability in the SMS Alert Order Notifications WooCommerce plugin allows atta |
| 2782 | CVE-2025-46192 | 0.06% | 19th | 9.8 | This vulnerability allows attackers to execute arbitrary SQL commands through the order_id parameter |
| 2783 | CVE-2025-46190 | 0.06% | 19th | 9.8 | This SQL injection vulnerability in SourceCodester Client Database Management System 1.0 allows atta |
| 2784 | CVE-2025-2812 | 0.06% | 19th | 9.8 | This CVE describes a blind SQL injection vulnerability in Mydata Informatics Ticket Sales Automation |
| 2785 | CVE-2025-54444 | 0.06% | 19th | 9.8 | This vulnerability allows attackers to upload malicious files to Samsung MagicINFO 9 Server, leading |
| 2786 | CVE-2025-7394 | 0.06% | 19.1th | 9.8 | This vulnerability in wolfSSL's OpenSSL compatibility layer causes predictable random number generat |
| 2787 | CVE-2025-53251 | 0.06% | 18.8th | 9.9 | This vulnerability allows unauthenticated attackers to upload arbitrary files, including web shells, |
| 2788 | CVE-2025-53213 | 0.06% | 18.8th | 9.9 | This vulnerability allows attackers to upload malicious files to websites using the ReachShip WooCom |
| 2789 | CVE-2025-9187 | 0.06% | 19th | 9.8 | This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruptio |
| 2790 | CVE-2025-24775 | 0.06% | 18.8th | 9.9 | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se |
| 2791 | CVE-2025-8047 | 0.06% | 19th | 9.8 | This vulnerability affects WordPress plugins that load a compromised JavaScript file from an abandon |
| 2792 | CVE-2025-46658 | 0.06% | 19th | 9.8 | CVE-2025-46658 is an information disclosure vulnerability in 4C Strategies ExonautWeb where verbose |
| 2793 | CVE-2020-37153 | 0.06% | 19.1th | 9.8 | CVE-2020-37153 allows attackers to execute arbitrary system commands and perform cross-site scriptin |
| 2794 | CVE-2025-64102 | 0.06% | 18.8th | 9.8 | Zitadel identity infrastructure software versions prior to 4.6.0, 3.4.3, and 2.71.18 are vulnerable |
| 2795 | CVE-2025-62025 | 0.06% | 18.9th | 9.8 | This CVE describes a PHP object injection vulnerability in the JobSearch WordPress plugin that allow |
| 2796 | CVE-2025-60238 | 0.06% | 18.9th | 9.8 | This CVE describes a PHP object injection vulnerability in the UNIVERSAM WordPress plugin that allow |
| 2797 | CVE-2025-60232 | 0.06% | 18.9th | 9.8 | This CVE describes a PHP object injection vulnerability in the quantumcloud KBx Pro Ultimate WordPre |
| 2798 | CVE-2025-60226 | 0.06% | 18.9th | 9.8 | This vulnerability allows attackers to execute arbitrary code by exploiting insecure deserialization |
| 2799 | CVE-2025-60224 | 0.06% | 18.9th | 9.8 | This CVE describes a PHP object injection vulnerability in the WordPress Subscribe to Download plugi |
| 2800 | CVE-2025-60221 | 0.06% | 18.9th | 9.8 | This CVE describes a PHP object injection vulnerability in the Captivate Sync WordPress plugin that |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
