Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%
Rank  CVE ID          EPSS   Percentile  CVSS  Summary
3051  CVE-2024-52928  0.05%  15.2        9.6   This vulnerability in the Arc browser for Windows allows websites with previously granted permission
3052  CVE-2025-52467  0.05%  15.2        9.1   This vulnerability in the pgai Python library allowed attackers to exfiltrate all secrets used in a
3053  CVE-2025-53527  0.05%  14.9        9.8   A time-based blind SQL injection vulnerability exists in the WeGIA web manager for charitable instit
3054  CVE-2025-52095  0.05%  15.1        9.8   This vulnerability in PDQ Smart Deploy allows attackers to decrypt stored credentials using static e
3055  CVE-2025-22470  0.05%  15          9.8   This vulnerability allows attackers to upload malicious Lua script files to affected SATO CL4/6NX Pl
3056  CVE-2025-6000   0.05%  15.1        9.1   A privileged Vault operator with write permission to the sys/audit endpoint can execute arbitrary co
3057  CVE-2025-40804  0.05%  15          9.1   SIMATIC Virtualization as a Service (SIVaaS) exposes an unauthenticated network share, allowing atta
3058  CVE-2025-43017  0.05%  15.1        9.8   HP ThinPro 8.1's system management application fails to properly verify user identities, allowing at
3059  CVE-2025-35028  0.05%  15          9.1   This vulnerability allows remote command injection in the HexStrike AI MCP server. Attackers can exe
3060  CVE-2024-44659  0.05%  15.2        9.8   PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the forgot-password.
3061  CVE-2025-12735  0.05%  15          9.8   CVE-2025-12735 is a critical remote code execution vulnerability in the expr-eval JavaScript library
3062  CVE-2026-2234   0.05%  15.1        9.1   CVE-2026-2234 is a missing authentication vulnerability in HGiga's C&Cm@il software that allows unau
3063  CVE-2025-68112  0.05%  15          9.6   ChurchCRM versions before 6.5.3 contain a SQL injection vulnerability in the Event Attendee Editor t
3064  CVE-2025-67787  0.05%  15.1        9.6   A Cross-Site Scripting (XSS) vulnerability in DriveLock Operations Center versions 25.1.2 through 25
3065  CVE-2025-64081  0.05%  15.2        9.8   This SQL injection vulnerability allows attackers to execute arbitrary SQL commands through the appo
3066  CVE-2025-60736  0.05%  15.2        9.8   Online Medicine Guide 1.0 contains a SQL injection vulnerability in the login.php page's upass param
3067  CVE-2025-65358  0.05%  15.2        9.8   CVE-2025-65358 is a SQL injection vulnerability in Edoc Doctor Appointment System v1.0.1 that allows
3068  CVE-2025-69565  0.05%  15.2        9.8   CVE-2025-69565 is an unrestricted file upload vulnerability in code-projects Mobile Shop Management
3069  CVE-2026-22252  0.05%  14.9        9.1   This critical vulnerability in LibreChat allows authenticated users to execute arbitrary shell comma
3070  CVE-2025-4658   0.05%  14.7        9.8   This vulnerability allows attackers to bypass signature verification in OpenPubkey library by crafti
3071  CVE-2024-45347  0.05%  14.7        9.6   This vulnerability allows attackers to bypass authentication in Xiaomi Mi Connect Service APP due to
3072  CVE-2025-40916  0.05%  14.7        9.1   CVE-2025-40916 is a cryptographic weakness in Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl,
3073  CVE-2025-4517   0.05%  14.8        9.4   This vulnerability in Python's tarfile module allows attackers to write arbitrary files outside the
3074  CVE-2025-39467  0.05%  14.6        9.8   This CVE describes a path traversal vulnerability in the Mikado-Themes Wanderland WordPress theme th
3075  CVE-2025-69234  0.05%  14.9        9.1   This vulnerability in Whale browser allows attackers to escape iframe sandbox restrictions in sideba
3076  CVE-2024-25181  0.05%  14.8        9.1   CVE-2024-25181 is a critical vulnerability in givanz VvvebJs 1.7.2 that allows attackers to perform
3077  CVE-2025-68270  0.05%  14.9        9.9   This vulnerability in Open edX Platform allows CourseLimitedStaffRole users to access and edit cours
3078  CVE-2025-36752  0.05%  14.8        9.8   The Growatt ShineLan-X communication dongle contains an undocumented backup account with hardcoded c
3079  CVE-2025-36747  0.05%  14.8        9.8   CVE-2025-36747 is a critical vulnerability in ShineLan-X firmware where hardcoded FTP credentials al
3080  CVE-2026-25641  0.05%  14.7        10.0  CVE-2026-25641 is a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attack
3081  CVE-2025-61546  0.05%  14.6        9.1   This vulnerability in Print Shop Pro WebDesk allows remote attackers to purchase items with negative
3082  CVE-2026-25115  0.05%  14.7        9.9   This vulnerability in n8n's Python Code node allows authenticated users to escape the Python sandbox
3083  CVE-2025-43273  0.05%  14.3        9.1   A sandbox escape vulnerability in macOS allows sandboxed processes to bypass security restrictions.
3084  CVE-2025-27217  0.05%  14.4        9.1   This Server-Side Request Forgery (SSRF) vulnerability in the UISP Application allows authenticated a
3085  CVE-2025-55048  0.05%  14.3        9.8   This CVE-2025-55048 vulnerability involves multiple instances of CWE-78 (Improper Neutralization of
3086  CVE-2025-12217  0.05%  14.4        9.1   This vulnerability involves BLU-IC2 and BLU-IC4 devices using the default SNMP community string 'pub
3087  CVE-2025-62717  0.05%  14.4        9.1   Emlog Pro 2.5.23 has a session verification code error that allows attackers to reuse email verifica
3088  CVE-2026-1774   0.05%  14.4        9.8   CASL Ability versions 2.4.0 through 6.7.4 contain a prototype pollution vulnerability that allows at
3089  CVE-2025-64709  0.05%  14.6        9.6   This SSRF vulnerability in Typebot allows authenticated users to make arbitrary HTTP requests from t
3090  CVE-2025-65236  0.05%  14.2        9.8   This SQL injection vulnerability in OpenCode Systems USSD Gateway allows attackers to execute arbitr
3091  CVE-2025-65235  0.05%  14.2        9.8   This SQL injection vulnerability in OpenCode Systems USSD Gateway allows attackers to execute arbitr
3092  CVE-2026-25814  0.05%  14.4        9.8   PlaciPy version 1.0.0 passes user-controlled query parameters directly into DynamoDB query/filter co
3093  CVE-2025-64522  0.05%  14.4        9.1   Soft Serve versions before 0.11.1 have a server-side request forgery (SSRF) vulnerability where repo
3094  CVE-2025-66606  0.05%  14.4        9.6   A URL encoding vulnerability in Yokogawa's FAST/TOOLS industrial control system allows attackers to
3095  CVE-2025-68986  0.05%  14.5        9.9   This vulnerability allows attackers to upload arbitrary files, including web shells, to servers runn
3096  CVE-2025-68910  0.05%  14.5        9.9   This vulnerability allows attackers to upload malicious files to WordPress sites using the Blogzee t
3097  CVE-2025-68909  0.05%  14.5        9.9   CVE-2025-68909 is an arbitrary file upload vulnerability in the Blogistic WordPress theme that allow
3098  CVE-2025-67968  0.05%  14.5        9.9   This vulnerability allows attackers to upload malicious files to WordPress sites using the Real Home
3099  CVE-2025-62056  0.05%  14.5        9.9   The WordPress News Event theme (versions up to 1.0.1) contains an unrestricted file upload vulnerabi
3100  CVE-2025-62050  0.05%  14.5        9.9   This vulnerability allows attackers to upload arbitrary files to WordPress sites using the Blogmatic

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
