Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CISA KEV listed
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank  CVE ID           EPSS   Percentile  CVSS  Summary
2801  CVE-2023-38714   0.11%  29.6th      5.3   IBM Cloud Pak System versions 2.3.3.0 through 2.3.3.7 iFix1 contain an information disclosure vulner
2802  CVE-2025-0481    0.11%  29.5th      5.3   This vulnerability in D-Link DIR-878 routers allows remote attackers to access sensitive information
2803  CVE-2025-0448    0.11%  29.5th      4.3   This vulnerability in Google Chrome's compositing engine allows attackers to create malicious web pa
2804  CVE-2024-10775   0.11%  29.6th      4.3   The Piotnet Addons For Elementor WordPress plugin allows authenticated attackers with Contributor-le
2805  CVE-2024-11915   0.11%  29.6th      4.3   The RRAddons for Elementor WordPress plugin allows authenticated attackers with Contributor-level ac
2806  CVE-2024-12207   0.11%  29.5th      4.4   This stored XSS vulnerability in the Toggles Shortcode and Widget WordPress plugin allows authentica
2807  CVE-2025-0823    0.11%  29.5th      6.5   This directory traversal vulnerability in IBM Cognos Analytics allows remote attackers to read arbit
2808  CVE-2025-2626    0.11%  29.6th      6.3   This critical SQL injection vulnerability in SourceCodester Kortex Lite Advocate Office Management S
2809  CVE-2023-48785   0.11%  29.5th      4.8   This vulnerability allows remote unauthenticated attackers to perform man-in-the-middle attacks on H
2810  CVE-2025-22099   0.11%  29.6th      5.5   This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Xilinx ZynqMP disp
2811  CVE-2023-42007   0.11%  29.6th      5.4   IBM Sterling Control Center versions 6.2.1, 6.3.1, and 6.4.0 contain a cross-site scripting (XSS) vu
2812  CVE-2025-3163    0.11%  29.5th      5.3   This critical vulnerability in InternLM LMDeploy allows code injection through manipulation of the O
2813  CVE-2024-56475   0.11%  29.6th      5.4   IBM TXSeries for Multiplatforms versions 9.1 and 11.1 contain a cross-site scripting (XSS) vulnerabi
2814  CVE-2024-56341   0.11%  29.6th      5.4   IBM Content Navigator versions 3.0.11, 3.0.15, and 3.1.0 contain a cross-site scripting (XSS) vulner
2815  CVE-2025-5321    0.11%  29.5th      6.3   This critical vulnerability in aimhubio aim allows remote attackers to execute arbitrary code throug
2816  CVE-2024-3901    0.11%  29.6th      6.8   The Genesis Blocks WordPress plugin through version 3.1.3 contains a stored cross-site scripting (XS
2817  CVE-2025-4291    0.11%  29.6th      6.3   CVE-2025-4291 is a critical unrestricted file upload vulnerability in IdeaCMS's saveUpload function
2818  CVE-2025-11914   0.11%  29.5th      4.3   This CVE describes a path traversal vulnerability in Shenzhen Ruiming Technology's Streamax Crocus s
2819  CVE-2025-11913   0.11%  29.5th      4.3   This CVE describes a path traversal vulnerability in Shenzhen Ruiming Technology's Streamax Crocus s
2820  CVE-2025-65113   0.11%  29.5th      6.5   ClipBucket v5 has an authorization bypass vulnerability in its AJAX flagging system that allows unau
2821  CVE-2026-21691   0.11%  29.6th      5.4   A type confusion vulnerability in iccDEV's CIccTag::IsTypeCompressed() function allows attackers to
2822  CVE-2026-21689   0.11%  29.6th      6.5   A type confusion vulnerability in iccDEV's CIccProfileXml::ParseBasic() function allows attackers to
2823  CVE-2024-13517   0.11%  29.4th      4.4   This stored XSS vulnerability in the Easy Digital Downloads WordPress plugin allows authenticated ad
2824  CVE-2025-0487    0.11%  29.4th      6.3   This critical SQL injection vulnerability in Fanli2012 native-php-cms 1.0 allows remote attackers to
2825  CVE-2025-22215   0.11%  29.4th      4.3   VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability that allows authe
2826  CVE-2025-1210    0.11%  29.3th      6.3   A critical SQL injection vulnerability exists in code-projects Wazifa System 1.0, specifically in th
2827  CVE-2025-20179   0.11%  29.4th      6.1   An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Expressway web management inter
2828  CVE-2025-1018    0.11%  29.4th      5.3   This vulnerability allows attackers to hide the fullscreen notification in Firefox and Thunderbird b
2829  CVE-2025-3047    0.11%  29.4th      6.5   This vulnerability in AWS SAM CLI allows attackers to access privileged host files when building wit
2830  CVE-2025-2957    0.11%  29.5th      6.5   A null pointer dereference vulnerability in the TRENDnet TEW-411BRP+ router's HTTP request handler a
2831  CVE-2024-53307   0.11%  29.3th      5.4   This reflected XSS vulnerability in Evisions MAPS allows attackers to inject malicious scripts via t
2832  CVE-2025-28371   0.11%  29.4th      6.5   This vulnerability allows attackers to change the administrator password on EnGenius ENH500 access p
2833  CVE-2025-46785   0.11%  29.3th      6.5   A buffer over-read vulnerability in Zoom Workplace Apps for Windows allows authenticated users to ca
2834  CVE-2025-30667   0.11%  29.4th      6.5   A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated use
2835  CVE-2025-30665   0.11%  29.4th      6.5   A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated use
2836  CVE-2025-27206   0.11%  29.5th      5.3   This CVE describes an Improper Access Control vulnerability in Adobe Commerce that allows attackers
2837  CVE-2025-5807    0.11%  29.4th      6.1   The Gwolle Guestbook WordPress plugin has a stored XSS vulnerability that allows unauthenticated att
2838  CVE-2025-49558   0.11%  29.4th      5.9   This CVE describes a Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Adobe Commer
2839  CVE-2025-12313   0.11%  29.3th      6.3   This CVE describes a command injection vulnerability in D-Link DI-7001 MINI routers through the /msp
2840  CVE-2025-55337   0.11%  29.3th      6.1   This vulnerability allows an unauthorized attacker with physical access to bypass Windows BitLocker
2841  CVE-2025-55333   0.11%  29.3th      6.1   This vulnerability allows an unauthorized attacker with physical access to bypass Windows BitLocker
2842  CVE-2025-55330   0.11%  29.3th      6.1   This vulnerability allows an unauthorized attacker with physical access to bypass a Windows BitLocke
2843  CVE-2025-58582   0.11%  29.4th      5.3   This vulnerability allows attackers to send excessively large payloads during failed login attempts,
2844  CVE-2025-13378   0.11%  29.5th      6.5   This vulnerability allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) at
2845  CVE-2025-10735   0.11%  29.4th      4.0   The Block For Mailchimp WordPress plugin has a blind SSRF vulnerability that allows unauthenticated
2846  CVE-2025-55055   0.11%  29.4th      6.8   CVE-2025-55055 is an OS command injection vulnerability that allows attackers to execute arbitrary c
2847  CVE-2025-62206   0.11%  29.4th      6.5   This vulnerability in Microsoft Dynamics 365 (on-premises) allows unauthorized attackers to access s
2848  CVE-2023-38913   0.11%  29.4th      5.3   This SQL injection vulnerability in NEWS-BUZZ v1.0 allows remote attackers to execute arbitrary SQL
2849  CVE-2025-64990   0.11%  29.3th      6.8   A command injection vulnerability in TeamViewer DEX (formerly 1E DEX) allows authenticated attackers
2850  CVE-2025-66578   0.11%  29.3th      6.0   CVE-2025-66578 is an authentication bypass vulnerability in xmlseclibs PHP library versions 3.1.3 an

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
