Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
3151 | CVE-2025-67520 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the WordPress Media Library Tools plugin allows attackers to exe
3152 | CVE-2025-67519 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the Ninja Tables WordPress plugin allows attackers to execute ar
3153 | CVE-2025-67518 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in LambertGroup Accordion Slider PRO WordPress plugin allows attack
3154 | CVE-2025-67517 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the ArtPlacer Widget WordPress plugin allows attackers to execut
3155 | CVE-2025-67516 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the Agile Logix Store Locator WordPress plugin allows attackers
3156 | CVE-2025-12504 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in Talent Software UNIS allows attackers to execute arbitrary SQL c
3157 | CVE-2026-1363 | 0.04% | 13.2th | 9.8 | | This vulnerability allows unauthenticated remote attackers to bypass authentication and gain adminis
3158 | CVE-2025-67928 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the Automotive Listings WordPress plugin allows attackers to exe
3159 | CVE-2025-67921 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the VanKarWai Lobo WordPress theme allows attackers to execute a
3160 | CVE-2025-23993 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the Felan Framework WordPress plugin allows attackers to execute
3161 | CVE-2025-22728 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the Workreap WordPress theme plugin allows attackers to execute
3162 | CVE-2025-22713 | 0.04% | 13.2th | 9.8 | | This SQL injection vulnerability in the WooCommerce Orders & Customers Exporter plugin allows attack
3163 | CVE-2025-49603 | 0.04% | 13.1th | 9.1 | | This vulnerability allows unauthorized access to device groups in Northern.tech Mender Server due to
3164 | CVE-2025-54419 | 0.04% | 13.1th | 10.0 | | CVE-2025-54419 is a critical authentication bypass vulnerability in Node-SAML library versions 5.0.1
3165 | CVE-2025-14014 | 0.04% | 12.8th | 9.8 | | This vulnerability allows attackers to upload malicious files to NTN Smart Panel systems, bypassing
3166 | CVE-2025-54145 | 0.04% | 12.8th | 9.1 | | This vulnerability in Firefox for iOS allows malicious websites to be opened automatically when user
3167 | CVE-2025-12059 | 0.04% | 12.8th | 9.8 | | This vulnerability allows attackers to insert sensitive information into externally accessible files
3168 | CVE-2025-68668 | 0.04% | 12.8th | 9.9 | | This CVE describes a sandbox bypass vulnerability in n8n's Python Code Node that allows authenticate
3169 | CVE-2025-68600 | 0.04% | 12.9th | 9.1 | | This Server-Side Request Forgery (SSRF) vulnerability in the Link Library WordPress plugin allows at
3170 | CVE-2025-68535 | 0.04% | 12.9th | 9.1 | | This CVE describes a missing authorization vulnerability in the Sunshine Photo Cart WordPress plugin
3171 | CVE-2025-68511 | 0.04% | 12.9th | 9.1 | | This CVE describes a missing authorization vulnerability in the Gutenverse Form WordPress plugin tha
3172 | CVE-2025-68508 | 0.04% | 12.9th | 9.1 | | This CVE describes a missing authorization vulnerability in the Brave Popup Builder WordPress plugin
3173 | CVE-2025-68500 | 0.04% | 12.9th | 9.1 | | This SSRF vulnerability in the bdthemes Prime Slider WordPress plugin allows attackers to make unaut
3174 | CVE-2025-67623 | 0.04% | 12.9th | 9.1 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the 6Storage Rentals WordPr
3175 | CVE-2025-60062 | 0.04% | 12.8th | 9.4 | | This SQL injection vulnerability in the tPlayer WordPress plugin allows attackers to execute arbitra
3176 | CVE-2025-66131 | 0.04% | 12.9th | 9.1 | | This CVE describes a Missing Authorization vulnerability in the Yaad Sarig Payment Gateway for WooCo
3177 | CVE-2025-59947 | 0.04% | 13th | 9.0 | | NanoMQ versions before 0.24.4 contain a buffer overflow vulnerability when PUBLISH packets trigger b
3178 | CVE-2025-66570 | 0.04% | 12.8th | 10.0 | | This vulnerability in cpp-httplib allows attackers to inject HTTP headers (REMOTE_ADDR, REMOTE_PORT,
3179 | CVE-2025-65896 | 0.04% | 12.8th | 9.8 | | This SQL injection vulnerability in the asyncmy Python library allows attackers to execute arbitrary
3180 | CVE-2025-69602 | 0.04% | 12.9th | 9.1 | | A session fixation vulnerability in 66biolinks v62.0.0 allows attackers to hijack authenticated user
3181 | CVE-2025-40554 | 0.04% | 13th | 9.8 | | SolarWinds Web Help Desk contains an authentication bypass vulnerability that allows attackers to ex
3182 | CVE-2026-1181 | 0.04% | 13.1th | 9.0 | | Altium 365 workspace endpoints have an overly permissive CORS policy that allows credentialed cross-
3183 | CVE-2025-14598 | 0.04% | 13th | 9.8 | | BeeS Software Solutions BET Portal contains a critical SQL injection vulnerability in its login func
3184 | CVE-2025-22726 | 0.04% | 12.9th | 9.1 | | This SSRF vulnerability in the nK Themes Helper WordPress plugin allows attackers to make the vulner
3185 | CVE-2025-32303 | 0.04% | 12.8th | 9.3 | | This SQL injection vulnerability in the WPCHURCH WordPress plugin allows attackers to execute arbitr
3186 | CVE-2025-69970 | 0.04% | 13th | 9.3 | | FUXA v1.2.7 has an insecure default configuration where authentication is disabled by default due to
3187 | CVE-2025-30528 | 0.04% | 12.6th | 9.3 | | This vulnerability in the WordPress Awesome Logos plugin allows attackers to perform SQL injection v
3188 | CVE-2025-48481 | 0.04% | 12.7th | 9.8 | | This vulnerability allows attackers with unactivated email invitations to self-activate blocked or d
3189 | CVE-2025-48340 | 0.04% | 12.5th | 9.8 | | A Cross-Site Request Forgery (CSRF) vulnerability in the Danny Vink User Profile Meta Manager WordPr
3190 | CVE-2025-6433 | 0.04% | 12.7th | 9.8 | | This vulnerability allows malicious websites with invalid TLS certificates to bypass WebAuthn securi
3191 | CVE-2025-33117 | 0.04% | 12.5th | 9.1 | | This vulnerability in IBM QRadar SIEM allows privileged users to modify configuration files, enablin
3192 | CVE-2025-40656 | 0.04% | 12.6th | 9.8 | | A critical SQL injection vulnerability in DM Corporative CMS allows attackers to manipulate database
3193 | CVE-2025-40654 | 0.04% | 12.6th | 9.8 | | A critical SQL injection vulnerability in DM Corporative CMS allows attackers to manipulate database
3194 | CVE-2025-54430 | 0.04% | 12.5th | 9.1 | | A critical vulnerability in dedupe's GitHub Actions workflow allows attackers to execute arbitrary c
3195 | CVE-2025-30124 | 0.04% | 12.4th | 9.8 | | This vulnerability affects Marbella KR8s Dashcam FF 2.0.8 devices, where inserting a new SD card cau
3196 | CVE-2025-27034 | 0.04% | 12.6th | 9.8 | | This vulnerability allows memory corruption during PLMN selection from the SOR failed list in Qualco
3197 | CVE-2025-21483 | 0.04% | 12.6th | 9.8 | | This vulnerability allows memory corruption when a user equipment (UE) device receives RTP packets d
3198 | CVE-2025-55109 | 0.04% | 12.5th | 9.0 | | An authentication bypass vulnerability in Control-M/Agent allows remote attackers to authenticate us
3199 | CVE-2026-25994 | 0.04% | 12.6th | 9.8 | | A buffer overflow vulnerability in PJSIP's PJNATH ICE Session component allows attackers to execute
3200 | CVE-2025-8668 | 0.04% | 12.7th | 9.4 | | This is a reflected cross-site scripting (XSS) vulnerability in Turboard software that allows attack

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
