Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
3101 | CVE-2024-54470 | 0.1% | 27.8th | 4.6 | | This CVE describes a lock screen bypass vulnerability in Apple iOS and iPadOS that allows an attacke
3102 | CVE-2025-23018 | 0.1% | 27.3th | 5.4 | | This vulnerability allows attackers to spoof and route arbitrary network traffic through systems wit
3103 | CVE-2024-12519 | 0.1% | 27.8th | 6.4 | | The TCBD Auto Refresher WordPress plugin has a stored cross-site scripting vulnerability that allows
3104 | CVE-2024-12699 | 0.1% | 27.8th | 6.4 | | The Service Box plugin for WordPress has a stored XSS vulnerability that allows authenticated attack
3105 | CVE-2024-11445 | 0.1% | 27.8th | 6.4 | | This stored XSS vulnerability in the WordPress Image Magnify plugin allows authenticated attackers w
3106 | CVE-2024-45559 | 0.1% | 27.8th | 5.5 | | This vulnerability allows a denial-of-service (DoS) condition in Qualcomm's GVM (Guest Virtual Machi
3107 | CVE-2025-27810 | 0.1% | 27.3th | 5.4 | | This vulnerability in Mbed TLS occurs when memory allocation fails or hardware errors happen, causin
3108 | CVE-2025-2591 | 0.1% | 27.8th | 4.3 | | A divide-by-zero vulnerability in Assimp's MDL file parser allows remote attackers to cause denial o
3109 | CVE-2025-2565 | 0.1% | 27.3th | 4.3 | | This vulnerability allows unauthorized users to access form entry data in affected Liferay versions.
3110 | CVE-2024-10330 | 0.1% | 27.8th | 6.5 | | In lunary-ai/lunary version 1.5.6, the /v1/evaluators/ endpoint lacks proper access control, allowin
3111 | CVE-2025-2344 | 0.1% | 27.3th | 5.3 | | This critical vulnerability in IROAD Dash Cam X5 and X6 allows remote attackers to access video foot
3112 | CVE-2025-2278 | 0.1% | 27.8th | 6.5 | | This vulnerability allows authenticated users in Devolutions Server to access temporary access and c
3113 | CVE-2025-27401 | 0.1% | 27.8th | 4.6 | | This vulnerability in Tuleap allows authenticated users with access to any tracker to delete all cri
3114 | CVE-2025-29769 | 0.1% | 27.3th | 5.5 | | A heap buffer overflow vulnerability in libvips' heifsave operation when processing specially crafte
3115 | CVE-2025-48943 | 0.1% | 27.3th | 6.5 | | This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in vLLM versions 0.8
3116 | CVE-2025-5266 | 0.1% | 27.8th | 4.3 | | This CVE describes an XS-Leaks (Cross-Site Leaks) vulnerability in Firefox and Thunderbird where scr
3117 | CVE-2023-7196 | 0.1% | 27.8th | 4.3 | | This vulnerability allows attackers to trick WordPress administrators into changing the Ultimate Noi
3118 | CVE-2025-43214 | 0.1% | 27.3th | 6.5 | | This CVE describes a memory handling vulnerability in Apple's Safari browser and related WebKit comp
3119 | CVE-2025-20320 | 0.1% | 27.8th | 6.3 | | A path traversal vulnerability in Splunk Enterprise and Cloud Platform allows low-privileged users t
3120 | CVE-2025-35034 | 0.1% | 27.3th | 4.3 | | Medical Informatics Engineering Enterprise Health has a reflected cross-site scripting (XSS) vulnera
3121 | CVE-2025-56435 | 0.1% | 27.7th | 5.3 | | A SQL injection vulnerability in FoxCMS v1.2.6 and earlier allows remote attackers to execute arbitr
3122 | CVE-2025-58579 | 0.1% | 27.8th | 5.3 | | This vulnerability allows unauthenticated attackers to query an endpoint without proper authenticati
3123 | CVE-2026-23903 | 0.1% | 27.8th | 5.3 | | This CVE describes an authentication bypass vulnerability in Apache Shiro where attackers can access
3124 | CVE-2025-12469 | 0.1% | 27.8th | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to se
3125 | CVE-2025-11363 | 0.1% | 27.8th | 5.3 | | The Royal Addons for Elementor WordPress plugin before version 1.7.1037 lacks proper authorization c
3126 | CVE-2026-23887 | 0.1% | 27.8th | 5.4 | | Group-Office versions 6.8.148 and below, and 25.0.1 through 25.0.79 have a stored XSS vulnerability
3127 | CVE-2026-25050 | 0.1% | 27.3th | 5.3 | | This vulnerability allows attackers to enumerate valid user accounts (email addresses) in Vendure th
3128 | CVE-2025-24784 | 0.1% | 27.1th | 4.3 | | CVE-2025-24784 is a privilege escalation vulnerability in kubewarden-controller where non-admin user
3129 | CVE-2025-24140 | 0.1% | 27.1th | 5.3 | | This macOS vulnerability allows downloaded files to bypass the quarantine flag, which normally trigg
3130 | CVE-2023-45908 | 0.1% | 27.2th | 6.1 | | Homarr versions before 0.14.0 contain a stored cross-site scripting (XSS) vulnerability in the Noteb
3131 | CVE-2024-6466 | 0.1% | 27.1th | 5.3 | | This vulnerability in NEC WebSAM DeploymentManager allows attackers to reset configurations or resta
3132 | CVE-2024-13243 | 0.1% | 27.2th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the Drupal Entity Delete Log module that
3133 | CVE-2025-1300 | 0.1% | 27.1th | 6.1 | | CodeChecker web server versions through 6.24.5 contain an open redirect vulnerability that allows at
3134 | CVE-2025-1662 | 0.1% | 27.1th | 6.4 | | The URL Media Uploader WordPress plugin has a Server-Side Request Forgery (SSRF) vulnerability that
3135 | CVE-2024-13832 | 0.1% | 27.1th | 4.3 | | The Ultra Addons Lite for Elementor WordPress plugin has an information exposure vulnerability that
3136 | CVE-2025-1043 | 0.1% | 27.1th | 6.4 | | This Server-Side Request Forgery (SSRF) vulnerability in the Embed Any Document WordPress plugin all
3137 | CVE-2024-13855 | 0.1% | 27.1th | 4.3 | | This vulnerability allows authenticated WordPress users with Contributor-level access or higher to b
3138 | CVE-2024-13854 | 0.1% | 27.1th | 4.3 | | The Education Addon for Elementor WordPress plugin has an Insecure Direct Object Reference vulnerabi
3139 | CVE-2024-13834 | 0.1% | 27.1th | 5.4 | | This vulnerability in the Responsive Plus WordPress plugin allows authenticated attackers with contr
3140 | CVE-2025-0661 | 0.1% | 27.1th | 4.3 | | The DethemeKit For Elementor WordPress plugin allows authenticated attackers with Contributor-level
3141 | CVE-2024-13120 | 0.1% | 27.2th | 4.8 | | This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious s
3142 | CVE-2025-1496 | 0.1% | 27.1th | 6.5 | | This vulnerability allows attackers to perform password brute-forcing attacks against BG-TEK Coslat
3143 | CVE-2025-29427 | 0.1% | 27.1th | 5.9 | | This vulnerability allows attackers to inject malicious scripts into the profile.php page of Code-pr
3144 | CVE-2024-13430 | 0.1% | 27.1th | 4.3 | | The Page Builder: Pagelayer WordPress plugin has an information exposure vulnerability that allows a
3145 | CVE-2025-2061 | 0.1% | 27.2th | 4.3 | | This vulnerability allows attackers to inject malicious scripts into the Online Ticket Reservation S
3146 | CVE-2025-27600 | 0.1% | 27.2th | 6.5 | | FastGPT's web crawling plugin lacks intranet IP verification, allowing attackers to make requests to
3147 | CVE-2024-38797 | 0.1% | 27.2th | 4.6 | | EDK2's HashPeImageByType() function has an out-of-bounds read vulnerability when processing corrupte
3148 | CVE-2025-5327 | 0.1% | 27.3th | 6.3 | | This critical SSRF vulnerability in chshcms mccms 2.7 allows attackers to manipulate the 'pic' param
3149 | CVE-2025-43004 | 0.1% | 27.1th | 5.3 | | CVE-2025-43004 is a security misconfiguration vulnerability in SAP systems that allows unauthenticat
3150 | CVE-2025-4538 | 0.1% | 27.2th | 6.3 | | CVE-2025-4538 is a critical unrestricted file upload vulnerability in kkFileView 4.4.0 that allows r

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
