Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA KEV catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated on the source page) |
|---|---|---|---|---|---|---|
| 251 | CVE-2025-5445 | 0.94% | 75.8th | 6.3 | | This critical vulnerability in Linksys RE series range extenders allows remote attackers to execute |
| 252 | CVE-2025-5443 | 0.94% | 75.8th | 6.3 | | This critical vulnerability in Linksys wireless range extenders allows remote attackers to execute a |
| 253 | CVE-2025-29830 | 0.94% | 75.8th | 6.5 | | CVE-2025-29830 is an information disclosure vulnerability in Windows Routing and Remote Access Servi |
| 254 | CVE-2025-4302 | 0.93% | 75.7th | 5.3 | | The Stop User Enumeration WordPress plugin before version 1.7.3 has an authentication bypass vulnera |
| 255 | CVE-2025-6174 | 0.92% | 75.5th | 6.1 | | This vulnerability allows attackers to inject malicious scripts via the '_stylesheet' parameter in t |
| 256 | CVE-2025-21253 | 0.92% | 75.5th | 5.3 | | Microsoft Edge for iOS and Android contains a spoofing vulnerability that could allow an attacker to |
| 257 | CVE-2024-53965 | 0.92% | 75.5th | 5.4 | | This DOM-based XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to exec |
| 258 | CVE-2024-53963 | 0.92% | 75.5th | 5.4 | | This DOM-based XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to exec |
| 259 | CVE-2025-52392 | 0.91% | 75.3th | 5.4 | | Soosyze CMS 2.0 has a brute-force vulnerability that allows attackers to make unlimited login attemp |
| 260 | CVE-2024-12132 | 0.91% | 75.3th | 4.3 | | This vulnerability in the WP Job Portal WordPress plugin allows authenticated users with Subscriber- |
| 261 | CVE-2025-7154 | 0.9% | 75.3th | 6.3 | | This critical vulnerability in TOTOLINK N200RE routers allows remote attackers to execute arbitrary |
| 262 | CVE-2025-5606 | 0.9% | 75.2th | 6.3 | | This critical vulnerability in Tenda AC18 routers allows remote attackers to execute arbitrary comma |
| 263 | CVE-2025-31140 | 0.89% | 75.1th | 4.6 | | This stored cross-site scripting (XSS) vulnerability in JetBrains TeamCity allows attackers to injec |
| 264 | CVE-2025-32050 | 0.88% | 75th | 5.9 | | A buffer under-read vulnerability in libsoup's append_param_quoted() function could allow attackers |
| 265 | CVE-2024-56411 | 0.87% | 74.8th | 5.4 | | PhpSpreadsheet versions before 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting vulnerabi |
| 266 | CVE-2025-25069 | 0.87% | 74.8th | 6.5 | | A Cross-Protocol Scripting vulnerability in Apache Kvrocks allows HTTP requests to be interpreted as |
| 267 | CVE-2026-1690 | 0.85% | 74.5th | 4.7 | | This CVE describes a command injection vulnerability in Tenda HG10 routers affecting the /boaform/fo |
| 268 | CVE-2025-8464 | 0.85% | 74.4th | 5.3 | | This vulnerability in the Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin all |
| 269 | CVE-2025-13418 | 0.85% | 74.4th | 6.4 | | The Responsive Pricing Table WordPress plugin has a stored XSS vulnerability in all versions up to 5 |
| 270 | CVE-2024-9354 | 0.84% | 74.3th | 6.1 | | The Estatik Mortgage Calculator WordPress plugin contains a reflected cross-site scripting vulnerabi |
| 271 | CVE-2025-0242 | 0.84% | 74.3th | 6.5 | | This CVE describes memory safety bugs in Mozilla Firefox and Thunderbird that could lead to memory c |
| 272 | CVE-2025-27190 | 0.84% | 74.3th | 5.3 | | This CVE describes an Improper Access Control vulnerability in Adobe Commerce that allows attackers |
| 273 | CVE-2024-12334 | 0.84% | 74.3th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts via URL parameters i |
| 274 | CVE-2026-1625 | 0.84% | 74.2th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M961 routers that allows remote a |
| 275 | CVE-2026-1624 | 0.84% | 74.2th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DWR-M961 routers that allows remote a |
| 276 | CVE-2024-13538 | 0.83% | 74.1th | 5.3 | | The BigBuy Dropshipping Connector for WooCommerce WordPress plugin discloses the full server path th |
| 277 | CVE-2026-1638 | 0.83% | 74.1th | 6.3 | | This CVE describes a remote command injection vulnerability in Tenda AC21 routers. Attackers can exe |
| 278 | CVE-2025-24216 | 0.82% | 74th | 4.3 | | This CVE describes a memory handling vulnerability in Apple's Safari browser and related operating s |
| 279 | CVE-2025-53364 | 0.81% | 73.8th | 5.3 | | Parse Server's GraphQL API exposed schema metadata without authentication in versions 5.3.0 through |
| 280 | CVE-2025-1976 | 0.8% | 73.6th | 6.7 | KEV | This vulnerability allows local admin users on Brocade Fabric OS to escalate privileges to root leve |
| 281 | CVE-2025-2174 | 0.8% | 73.5th | 5.3 | | An integer overflow vulnerability in libzvbi's vbi_strndup_iconv_ucs2 function allows remote attacke |
| 282 | CVE-2025-32726 | 0.79% | 73.4th | 6.8 | | This vulnerability in Visual Studio Code allows an authenticated local attacker to bypass access con |
| 283 | CVE-2024-12403 | 0.79% | 73.4th | 6.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting attack |
| 284 | CVE-2024-11327 | 0.79% | 73.4th | 6.1 | | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages |
| 285 | CVE-2025-37094 | 0.79% | 73.3th | 5.5 | | This vulnerability allows attackers to delete arbitrary files on HPE StoreOnce backup appliances thr |
| 286 | CVE-2025-14208 | 0.77% | 73.1th | 6.3 | | This CVE describes a command injection vulnerability in D-Link DIR-823X routers where attackers can |
| 287 | CVE-2025-2581 | 0.77% | 73.1th | 4.3 | | An integer underflow vulnerability in xmedcon's DICOM file handler allows remote attackers to potent |
| 288 | CVE-2025-1609 | 0.76% | 73th | 6.3 | | This CVE describes a critical OS command injection vulnerability in LB-LINK AC1900 routers. Attacker |
| 289 | CVE-2025-27716 | 0.76% | 72.9th | 6.5 | | A path traversal vulnerability in the HGW-BL1500HM gateway's USB file-sharing function allows attack |
| 290 | CVE-2025-47204 | 0.76% | 72.9th | 6.1 | | This vulnerability in bootstrap-multiselect 1.1.2 allows attackers to execute arbitrary JavaScript c |
| 291 | CVE-2025-0864 | 0.76% | 72.8th | 6.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) |
| 292 | CVE-2023-39339 | 0.76% | 72.8th | 4.9 | | This vulnerability allows authenticated administrators on Ivanti Policy Secure to read arbitrary fil |
| 293 | CVE-2024-13993 | 0.75% | 72.6th | 6.1 | | Nagios XI versions before 2024R1.1.2 have a reflected cross-site scripting (XSS) vulnerability on th |
| 294 | CVE-2024-38311 | 0.75% | 72.6th | 6.3 | | Apache Traffic Server has an improper input validation vulnerability that could allow attackers to c |
| 295 | CVE-2024-54145 | 0.74% | 72.6th | 6.3 | | CVE-2024-54145 is a SQL injection vulnerability in Cacti's automation_devices.php file that allows a |
| 296 | CVE-2025-2549 | 0.74% | 72.5th | 4.3 | | This CVE describes an improper access control vulnerability in D-Link DIR-618 and DIR-605L routers a |
| 297 | CVE-2023-3708 | 0.74% | 72.5th | 6.1 | | This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) |
| 298 | CVE-2024-13992 | 0.74% | 72.5th | 5.4 | | Nagios XI versions before 2024R1.1 contain a reflected cross-site scripting (XSS) vulnerability in t |
| 299 | CVE-2024-14001 | 0.74% | 72.5th | 5.4 | | Nagios XI versions before 2024R1.1.3 are vulnerable to cross-site scripting (XSS) in the Executive S |
| 300 | CVE-2024-14000 | 0.74% | 72.5th | 5.4 | | Nagios XI versions before 2024R1.1.3 contain a cross-site scripting vulnerability in the Capacity Pl |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
