Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
3001 | CVE-2025-2905 | 0.05% | 16th | 9.1 |  | This CVE describes an XML External Entity (XXE) vulnerability in multiple WSO2 products due to impro
3002 | CVE-2025-53499 | 0.05% | 16th | 9.1 |  | This CVE describes a missing authorization vulnerability in Wikimedia's MediaWiki AbuseFilter extens
3003 | CVE-2025-53495 | 0.05% | 16th | 9.1 |  | This CVE describes a Missing Authorization vulnerability in MediaWiki's AbuseFilter extension that a
3004 | CVE-2025-55168 | 0.05% | 16.2th | 9.8 |  | This SQL injection vulnerability in WeGIA allows attackers to execute arbitrary SQL commands through
3005 | CVE-2025-30519 | 0.05% | 16.1th | 9.8 |  | Dover Fueling Solutions ProGauge MagLink LX4 devices have hardcoded default root credentials that ca
3006 | CVE-2026-20677 | 0.05% | 15.9th | 9.0 |  | This CVE describes a race condition vulnerability in Apple operating systems that allows shortcuts t
3007 | CVE-2020-37183 | 0.05% | 16th | 9.8 |  | CVE-2020-37183 is a critical stack overflow vulnerability in Allok RM RMVB to AVI MPEG DVD Converter
3008 | CVE-2020-37181 | 0.05% | 16th | 9.8 |  | CVE-2020-37181 is a critical stack overflow vulnerability in Torrent FLV Converter 1.51 Build 117 th
3009 | CVE-2020-37176 | 0.05% | 16th | 9.8 |  | CVE-2020-37176 is a critical stack overflow vulnerability in Torrent 3GP Converter 1.51 that allows
3010 | CVE-2025-22429 | 0.05% | 16th | 9.8 |  | CVE-2025-22429 is a critical logic error vulnerability in Android's framework base that allows
3011 | CVE-2025-57140 | 0.05% | 16th | 9.8 |  | CVE-2025-57140 is a critical SQL injection vulnerability in rsbi-pom 4.7 that allows attackers to ex
3012 | CVE-2025-47699 | 0.05% | 16th | 9.9 |  | This vulnerability in Gallagher Command Centre Server allows authenticated operators with limited si
3013 | CVE-2025-59951 | 0.05% | 16th | 9.1 |  | A critical authentication bypass vulnerability in Termix versions 1.5.0 and below allows unauthentic
3014 | CVE-2025-63453 | 0.05% | 16.1th | 9.8 |  | Car-Booking-System-PHP v1.0 contains a SQL injection vulnerability in the contact.php endpoint that
3015 | CVE-2025-63451 | 0.05% | 16.1th | 9.8 |  | Car-Booking-System-PHP v1.0 contains a SQL injection vulnerability in the sign-in page that allows a
3016 | CVE-2024-58311 | 0.05% | 16.1th | 9.8 |  | The Dormakaba Saflok System 6000 uses a predictable key generation algorithm that allows attackers t
3017 | CVE-2025-14265 | 0.05% | 16.2th | 9.1 |  | This vulnerability allows authorized or administrative users to install and execute untrusted extens
3018 | CVE-2026-1188 | 0.05% | 16.2th | 9.8 |  | CVE-2026-1188 is a buffer overflow vulnerability in Eclipse OMR's port library component where an AP
3019 | CVE-2025-67944 | 0.05% | 15.9th | 9.1 |  | This vulnerability allows attackers to execute arbitrary code on WordPress sites running the vulnera
3020 | CVE-2025-64097 | 0.05% | 16.2th | 9.8 |  | This vulnerability in NervesHub allows attackers to brute-force user API tokens due to their predict
3021 | CVE-2026-24832 | 0.05% | 16.2th | 9.8 |  | CVE-2026-24832 is an out-of-bounds write vulnerability in ixray-team's ixray-1.6-stcop software that
3022 | CVE-2025-29628 | 0.05% | 15.8th | 9.4 |  | CVE-2025-29628 is a command injection vulnerability in Gardyn 4 that allows remote attackers to exec
3023 | CVE-2025-53371 | 0.05% | 15.7th | 9.1 |  | DiscordNotifications MediaWiki extension versions before commit 1f20d850cbcce5b15951c7c6127b87b927a5
3024 | CVE-2025-58059 | 0.05% | 15.7th | 9.1 |  | This vulnerability allows authenticated admin users with process-definition creation/modification pr
3025 | CVE-2025-48100 | 0.05% | 15.7th | 9.1 |  | This vulnerability allows remote attackers to execute arbitrary code on WordPress sites running the
3026 | CVE-2025-34157 | 0.05% | 15.8th | 9.0 |  | Coolify versions before v4.0.0-beta.420.6 contain a stored XSS vulnerability where authenticated use
3027 | CVE-2025-47579 | 0.05% | 15.9th | 9.0 |  | This vulnerability allows unauthenticated attackers to execute arbitrary PHP code through deserializ
3028 | CVE-2025-22956 | 0.05% | 15.9th | 9.8 |  | OPSI versions before 4.3 allow any client to access ProductPropertyState data belonging to other cli
3029 | CVE-2025-8053 | 0.05% | 15.9th | 9.1 |  | This CVE describes an access control vulnerability in OpenText Flipper where low-privilege users can
3030 | CVE-2025-63452 | 0.05% | 15.6th | 9.4 |  | Car-Booking-System-PHP v1.0 contains a SQL injection vulnerability in the password reset functionali
3031 | CVE-2025-66844 | 0.05% | 15.8th | 9.1 |  | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Grav CMS versions before 1.
3032 | CVE-2026-25804 | 0.05% | 15.7th | 9.1 |  | This vulnerability in Antrea's network policy priority assignment system causes incorrect traffic en
3033 | CVE-2025-69312 | 0.05% | 15.9th | 9.1 |  | This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress si
3034 | CVE-2026-23523 | 0.05% | 15.9th | 9.6 |  | This vulnerability in the Dive MCP Host Desktop Application allows attackers to install malicious MC
3035 | CVE-2025-67084 | 0.05% | 15.8th | 9.9 |  | This vulnerability allows authenticated attackers to upload malicious PHP files as attachments in In
3036 | CVE-2025-32977 | 0.05% | 15.3th | 9.6 |  | This vulnerability allows unauthenticated attackers to upload malicious backup files to Quest KACE S
3037 | CVE-2025-49084 | 0.05% | 15.5th | 9.1 |  | CVE-2025-49084 allows attackers with administrative access to the Absolute Secure Access management
3038 | CVE-2025-55050 | 0.05% | 15.4th | 9.8 |  | This vulnerability involves undocumented features in software that can be exploited by attackers to
3039 | CVE-2025-32486 | 0.05% | 15.4th | 9.8 |  | This vulnerability allows attackers to bypass password recovery mechanisms in Hossein Material Dashb
3040 | CVE-2025-41108 | 0.05% | 15.3th | 9.8 |  | CVE-2025-41108 allows attackers to gain full unauthorized control of Ghost Robotics Vision 60 robots
3041 | CVE-2025-8025 | 0.05% | 15.5th | 9.8 |  | This vulnerability allows unauthenticated attackers to access critical functions in Dinosoft ERP wit
3042 | CVE-2025-9312 | 0.05% | 15.4th | 9.8 |  | A missing authentication enforcement vulnerability in WSO2 products allows unauthenticated access to
3043 | CVE-2025-68118 | 0.05% | 15.3th | 9.1 |  | This vulnerability in FreeRDP allows attackers to cause heap-based out-of-bounds memory reads by con
3044 | CVE-2025-67781 | 0.05% | 15.5th | 9.9 |  | This vulnerability allows local unprivileged users on Windows systems to manipulate privileged Drive
3045 | CVE-2025-11022 | 0.05% | 15.6th | 9.6 |  | A Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows attackers to tr
3046 | CVE-2025-13872 | 0.05% | 15.5th | 9.1 |  | This vulnerability allows attackers to perform blind Server-Side Request Forgery (SSRF) attacks thro
3047 | CVE-2025-65836 | 0.05% | 15.6th | 9.1 |  | PublicCMS V5.202506.b contains a Server-Side Request Forgery (SSRF) vulnerability in the chat interf
3048 | CVE-2026-21264 | 0.05% | 15.4th | 9.3 |  | This cross-site scripting (XSS) vulnerability in Microsoft Account allows attackers to inject malici
3049 | CVE-2024-8487 | 0.05% | 15th | 9.8 |  | This CVE describes a Cross-Origin Resource Sharing (CORS) misconfiguration in modelscope/agentscope
3050 | CVE-2025-30466 | 0.05% | 15.1th | 9.8 |  | This vulnerability allows malicious websites to bypass the Same Origin Policy in Apple's Safari brow

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation — which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.
