Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 251 | CVE-2024-49601 | 4.26% | 88.6th | 7.3 | | CVE-2024-49601 is an OS command injection vulnerability in Dell Unity storage systems that allows un |
| 252 | CVE-2024-11848 | 4.25% | 88.5th | 8.1 | | The NitroPack WordPress plugin has an authorization bypass vulnerability that allows authenticated u |
| 253 | CVE-2025-60188 | 4.19% | 88.5th | 7.5 | | This vulnerability in the Atarim Visual Collaboration WordPress plugin allows attackers to retrieve |
| 254 | CVE-2024-14015 | 4.13% | 88.4th | 7.1 | | This vulnerability in the WordPress eCommerce Plugin allows attackers to inject malicious scripts vi |
| 255 | CVE-2025-21334 | 4.13% | 88.4th | 7.8 | KEV | This vulnerability allows an authenticated attacker with local access to a Windows Hyper-V host to e |
| 256 | CVE-2024-12854 | 4.03% | 88.2th | 8.8 | | The Garden Gnome Package WordPress plugin allows authenticated attackers with Author-level access or |
| 257 | CVE-2025-69200 | 3.99% | 88.1th | 7.5 | | An unauthenticated remote attacker can trigger generation and download of configuration backup ZIP f |
| 258 | CVE-2024-13910 | 3.97% | 88.1th | 7.2 | | This vulnerability allows authenticated WordPress administrators to delete arbitrary files on the se |
| 259 | CVE-2024-11270 | 3.97% | 88.1th | 8.8 | | This vulnerability in the WordPress WebinarPress plugin allows authenticated attackers with subscrib |
| 260 | CVE-2025-24659 | 3.94% | 88.1th | 7.6 | | This SQL injection vulnerability in WordPress Download Manager Premium Packages allows attackers to |
| 261 | CVE-2024-11816 | 3.91% | 88th | 8.8 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex |
| 262 | CVE-2025-3515 | 3.87% | 88th | 8.1 | | This vulnerability allows unauthenticated attackers to upload malicious files like .phar extensions |
| 263 | CVE-2025-61810 | 3.82% | 87.9th | 8.4 | | This vulnerability allows attackers to execute arbitrary code on ColdFusion servers by sending malic |
| 264 | CVE-2024-54767 | 3.8% | 87.8th | 7.5 | | An access control vulnerability in AVM FRITZ!Box 7530 AX routers allows unauthenticated attackers to |
| 265 | CVE-2024-12853 | 3.78% | 87.8th | 8.8 | | The Modula Image Gallery WordPress plugin allows authenticated attackers with Author-level access or |
| 266 | CVE-2026-21513 | 3.77% | 87.8th | 8.8 | KEV | This vulnerability in the MSHTML Framework allows attackers to bypass security protections remotely, |
| 267 | CVE-2024-58312 | 3.75% | 87.8th | 7.5 | | CVE-2024-58312 is an unauthenticated path traversal vulnerability in xbtitFM 4.1.18 that allows atta |
| 268 | CVE-2025-2485 | 3.59% | 87.5th | 7.5 | | This vulnerability in the Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin all |
| 269 | CVE-2024-57014 | 3.59% | 87.5th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLIN |
| 270 | CVE-2025-60336 | 3.46% | 87.2th | 7.5 | | A NULL pointer dereference vulnerability in TOTOLINK N600R routers allows attackers to crash the dev |
| 271 | CVE-2025-24209 | 3.38% | 87.1th | 7.0 | | This CVE describes a buffer overflow vulnerability in Apple's web content processing components. Att |
| 272 | CVE-2024-57610 | 3.37% | 87.1th | 7.5 | | CVE-2024-57610 is a rate limiting vulnerability in Sylius v2.0.2 that allows attackers to perform un |
| 273 | CVE-2024-57778 | 3.36% | 87.1th | 8.8 | | This vulnerability in Orbe ONetView Roeador Onet-1200 allows remote attackers to escalate privileges |
| 274 | CVE-2025-53691 | 3.34% | 87th | 8.8 | | A deserialization vulnerability in Sitecore Experience Manager (XM) and Experience Platform (XP) all |
| 275 | CVE-2025-21330 | 3.32% | 87th | 7.5 | | This vulnerability in Windows Remote Desktop Services allows attackers to cause a denial of service |
| 276 | CVE-2025-21290 | 3.32% | 87th | 7.5 | | This vulnerability in Microsoft Message Queuing (MSMQ) allows attackers to cause a denial of service |
| 277 | CVE-2025-21289 | 3.32% | 87th | 7.5 | | This vulnerability in Microsoft Message Queuing (MSMQ) allows attackers to cause a denial of service |
| 278 | CVE-2025-21270 | 3.32% | 87th | 7.5 | | Microsoft Message Queuing (MSMQ) contains a denial-of-service vulnerability that allows attackers to |
| 279 | CVE-2025-21251 | 3.32% | 87th | 7.5 | | This vulnerability in Microsoft Message Queuing (MSMQ) allows an attacker to cause a denial of servi |
| 280 | CVE-2025-21231 | 3.32% | 87th | 7.5 | | This vulnerability in IP Helper allows attackers to cause a denial of service condition on affected |
| 281 | CVE-2025-21230 | 3.32% | 87th | 7.5 | | Microsoft Message Queuing (MSMQ) contains a vulnerability that allows attackers to cause a denial of |
| 282 | CVE-2025-21218 | 3.32% | 87th | 7.5 | | This Windows Kerberos vulnerability allows attackers to cause denial of service by sending specially |
| 283 | CVE-2025-21207 | 3.32% | 87th | 7.5 | | This vulnerability in Windows Connected Devices Platform Service (Cdpsvc) allows attackers to cause |
| 284 | CVE-2025-21300 | 3.32% | 87th | 7.5 | | This vulnerability in Windows Universal Plug and Play (UPnP) Device Host service allows attackers to |
| 285 | CVE-2025-60694 | 3.29% | 86.9th | 7.5 | | A stack-based buffer overflow vulnerability in Linksys E1200 v2 routers allows remote attackers to e |
| 286 | CVE-2025-21286 | 3.28% | 86.9th | 8.8 | | This is a heap-based buffer overflow vulnerability in Windows Telephony Service that allows remote a |
| 287 | CVE-2025-10985 | 3.22% | 86.7th | 7.2 | | This CVE describes an OS command injection vulnerability in Ivanti EPMM admin panel that allows auth |
| 288 | CVE-2025-10242 | 3.22% | 86.7th | 7.2 | | This vulnerability allows authenticated administrators in Ivanti EPMM to execute arbitrary operating |
| 289 | CVE-2024-2878 | 3.21% | 86.7th | 7.5 | | This vulnerability in GitLab CE/EE allows attackers to cause denial of service by crafting malicious |
| 290 | CVE-2025-15556 | 3.19% | 86.7th | 7.5 | KEV | This vulnerability allows attackers to intercept Notepad++ update traffic and replace legitimate upd |
| 291 | CVE-2025-26326 | 3.16% | 86.6th | 8.8 | | This vulnerability allows remote attackers to gain complete control of systems running vulnerable NV |
| 292 | CVE-2025-30358 | 3.12% | 86.5th | 8.1 | | A class pollution vulnerability in Mesop Python UI framework allows attackers to overwrite global va |
| 293 | CVE-2024-11465 | 3.07% | 86.4th | 7.2 | | The Custom Product Tabs for WooCommerce WordPress plugin is vulnerable to PHP object injection via i |
| 294 | CVE-2025-66644 | 3.06% | 86.4th | 7.2 | KEV | This CVE describes a command injection vulnerability in Array Networks ArrayOS AG VPN appliances. At |
| 295 | CVE-2025-29039 | 3.04% | 86.4th | 7.2 | | This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-832x routers via |
| 296 | CVE-2024-37358 | 3.04% | 86.4th | 8.6 | | Apache James email servers are vulnerable to denial of service attacks where attackers can abuse IMA |
| 297 | CVE-2013-3307 | 3.04% | 86.4th | 8.3 | | This vulnerability allows remote attackers to execute arbitrary operating system commands on affecte |
| 298 | CVE-2025-21297 | 3% | 86.3th | 8.1 | | This vulnerability allows remote attackers to execute arbitrary code on Windows systems with Remote |
| 299 | CVE-2025-21295 | 3% | 86.3th | 8.1 | | This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiti |
| 300 | CVE-2024-7034 | 2.99% | 86.2th | 7.2 | | CVE-2024-7034 allows attackers to write arbitrary files on systems running vulnerable open-webui ver |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
