Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3051 | CVE-2025-58153 | | 28.2th | 5.9 | | This vulnerability causes hardware systems with a High-Speed Bridge (HSB) to lock up under specific |
| 3052 | CVE-2024-10604 | | 28.1th | 5.3 | | This vulnerability in Fuchsia OS allows attackers to predict network protocol header values like TCP |
| 3053 | CVE-2024-56178 | | 28th | 6.5 | | This vulnerability allows users with the security_admin_local role in Couchbase Server to create new |
| 3054 | CVE-2023-32340 | | 28.1th | 4.6 | | This cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator allows attackers to inj |
| 3055 | CVE-2025-21517 | | 28.1th | 4.3 | | This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low |
| 3056 | CVE-2025-0446 | | 28.1th | 4.3 | | This vulnerability allows malicious Chrome extensions to spoof user interface elements through speci |
| 3057 | CVE-2024-55894 | | 28th | 4.3 | | This CSRF vulnerability in TYPO3's backend user interface allows attackers to perform unauthorized p |
| 3058 | CVE-2024-9702 | | 28.1th | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 3059 | CVE-2023-51337 | | 28th | 5.4 | | PHPJabbers Event Ticketing System v1.0 contains a reflected cross-site scripting vulnerability in th |
| 3060 | CVE-2023-51306 | | 28th | 5.4 | | PHPJabbers Event Ticketing System v1.0 contains stored cross-site scripting vulnerabilities in the ' |
| 3061 | CVE-2024-12777 | | 28.1th | 5.9 | | This vulnerability in aimhubio/aim version 3.25.0 allows attackers to cause denial of service by exp |
| 3062 | CVE-2025-1472 | | 28.1th | 4.3 | | Mattermost versions 9.11.x through 9.11.8 have an authorization flaw where users with the Viewer rol |
| 3063 | CVE-2025-46247 | | 28th | 5.3 | | This CVE describes a missing authorization vulnerability in the Appointment Booking Calendar WordPre |
| 3064 | CVE-2025-30301 | | 28th | 5.5 | | Adobe Framemaker versions 2020.8, 2022.6 and earlier contain a NULL pointer dereference vulnerabilit |
| 3065 | CVE-2024-13930 | | 28.1th | 4.9 | | An unchecked loop condition vulnerability in ASPECT products allows attackers with compromised sessi |
| 3066 | CVE-2025-58364 | | 28.1th | 6.5 | | CVE-2025-58364 is a remote denial-of-service vulnerability in OpenPrinting CUPS affecting versions 2 |
| 3067 | CVE-2025-54941 | | 28.1th | 4.6 | | This CVE describes an OS command injection vulnerability in Apache Airflow's example_dag_decorator w |
| 3068 | CVE-2025-61583 | | 28th | 4.3 | | A reflected cross-site scripting (XSS) vulnerability in TS3 Manager versions 2.2.1 and earlier allow |
| 3069 | CVE-2025-62482 | | 28th | 4.3 | | A cross-site scripting vulnerability in Zoom Workplace for Windows allows unauthenticated attackers |
| 3070 | CVE-2025-22119 | | 28.1th | 5.5 | | A race condition vulnerability in the Linux kernel's cfg80211 WiFi subsystem where wiphy_work_lock i |
| 3071 | CVE-2025-0742 | | 27.9th | 5.8 | | An Improper Access Control vulnerability in EmbedAI 2.1 and earlier allows authenticated attackers t |
| 3072 | CVE-2024-13732 | | 27.9th | 6.4 | | This stored XSS vulnerability in the Responsive Blocks WordPress plugin allows authenticated attacke |
| 3073 | CVE-2024-57513 | | 27.9th | 6.5 | | A floating-point exception vulnerability in Bento4's AP4_TfraAtom function allows attackers to cause |
| 3074 | CVE-2025-21615 | | 27.9th | 5.5 | | CVE-2025-21615 allows malicious apps on the same Android device to exfiltrate sensitive GPS tracking |
| 3075 | CVE-2023-46309 | | 27.9th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the wpDiscuz WordPress plugin that allow |
| 3076 | CVE-2025-1450 | | 27.9th | 6.4 | | This vulnerability allows authenticated attackers with Contributor-level access or higher to inject |
| 3077 | CVE-2025-0897 | | 27.9th | 6.4 | | The Modal Window WordPress plugin has a stored XSS vulnerability in versions up to 6.1.5. Authentica |
| 3078 | CVE-2025-1005 | | 27.9th | 6.4 | | This stored XSS vulnerability in the ElementsKit Elementor addons plugin allows authenticated WordPr |
| 3079 | CVE-2024-11829 | | 27.9th | 6.4 | | This vulnerability allows authenticated attackers with Contributor-level access or higher to inject |
| 3080 | CVE-2025-0694 | | 27.9th | 6.6 | | CVE-2025-0694 is a path traversal vulnerability in CODESYS Control that allows attackers with physic |
| 3081 | CVE-2025-0512 | | 27.9th | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 3082 | CVE-2025-5096 | | 27.9th | 6.4 | | The TablePress WordPress plugin has a DOM-based stored XSS vulnerability in versions up to 3.1.2. Au |
| 3083 | CVE-2025-54939 | | 27.9th | 5.3 | | CVE-2025-54939 is a memory leak vulnerability in LiteSpeed's LSQUIC library that occurs when process |
| 3084 | CVE-2025-56760 | | 27.9th | 4.3 | | This vulnerability allows attackers to write arbitrary files to the server when Memos 0.22 is config |
| 3085 | CVE-2025-11638 | | 28th | 4.3 | | A vulnerability in Tomofun Furbo 360 and Furbo Mini pet cameras allows attackers on the same local n |
| 3086 | CVE-2025-12170 | | 28th | 5.3 | | The Checkbox plugin for WordPress has an unauthenticated AJAX endpoint that allows attackers to clea |
| 3087 | CVE-2025-12392 | | 28th | 5.3 | | The Cryptocurrency Payment Gateway for WooCommerce WordPress plugin has an authorization bypass vuln |
| 3088 | CVE-2025-12391 | | 28th | 5.3 | | The Restrictions for BuddyPress WordPress plugin has an authentication bypass vulnerability that all |
| 3089 | CVE-2025-12892 | | 28th | 5.3 | | The Survey Maker WordPress plugin allows unauthenticated attackers to modify the ays_survey_maker_up |
| 3090 | CVE-2025-9227 | | 27.9th | 6.5 | | This stored XSS vulnerability in ManageEngine OpManager's SNMP trap processor allows attackers to in |
| 3091 | CVE-2025-12353 | | 28th | 5.3 | | The WPFunnels WordPress plugin has an authorization bypass vulnerability that allows unauthenticated |
| 3092 | CVE-2025-13407 | | 27.9th | 6.8 | | The Gravity Forms WordPress plugin before version 2.9.23.1 contains a file upload vulnerability in i |
| 3093 | CVE-2025-13754 | | 27.9th | 5.3 | | This vulnerability allows unauthenticated attackers to access sensitive configuration data from the |
| 3094 | CVE-2025-12876 | | 28th | 5.3 | | The Projectopia WordPress plugin has an authentication bypass vulnerability that allows unauthentica |
| 3095 | CVE-2026-0950 | | 27.9th | 5.3 | | The Spectra Gutenberg Blocks plugin for WordPress has an information disclosure vulnerability that a |
| 3096 | CVE-2024-12817 | | 27.8th | 6.4 | | The Etsy Importer WordPress plugin has a stored XSS vulnerability that allows authenticated attacker |
| 3097 | CVE-2024-11825 | | 27.8th | 6.4 | | The Broadstreet WordPress plugin has a stored XSS vulnerability in the 'zone' parameter that allows |
| 3098 | CVE-2025-21541 | | 27.8th | 5.4 | | This vulnerability in Oracle Workflow (part of Oracle E-Business Suite) allows authenticated attacke |
| 3099 | CVE-2025-21539 | | 27.8th | 5.4 | | This vulnerability in Oracle PeopleSoft Enterprise FIN eSettlements 9.2 allows authenticated attacke |
| 3100 | CVE-2025-21537 | | 27.8th | 5.4 | | This vulnerability in Oracle PeopleSoft Enterprise FIN Cash Management allows authenticated attacker |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.