Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|------|--------|------------|------------|------|-------|---------|
| 3151 | CVE-2025-4538 | 0.1% | 27.2 | 6.3 | | CVE-2025-4538 is a critical unrestricted file upload vulnerability in kkFileView 4.4.0 that allows r |
| 3152 | CVE-2025-4370 | 0.1% | 27.1 | 5.3 | | The Brizy Page Builder WordPress plugin has an unauthenticated file upload vulnerability that allows |
| 3153 | CVE-2025-22227 | 0.1% | 27.3 | 6.1 | | The Reactor Netty HTTP client can leak credentials when configured to follow redirects in specific c |
| 3154 | CVE-2025-25734 | 0.1% | 27.1 | 6.8 | | Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units contain an unauthenticated EFI shell accessib |
| 3155 | CVE-2025-51054 | 0.1% | 27.2 | 6.5 | | Vedo Suite 2024.17 has an authentication bypass vulnerability where unauthenticated attackers can ob |
| 3156 | CVE-2025-58457 | 0.1% | 27.2 | 4.3 | | This vulnerability allows authorized ZooKeeper clients to execute snapshot and restore commands with |
| 3157 | CVE-2025-58466 | 0.1% | 27.2 | 4.9 | | A use of uninitialized variable vulnerability in QNAP operating systems allows attackers with admini |
| 3158 | CVE-2025-12972 | 0.1% | 27.1 | 5.3 | | CVE-2025-12972 is a path traversal vulnerability in Fluent Bit's out_file plugin that allows attacke |
| 3159 | CVE-2025-61821 | 0.1% | 27.1 | 6.8 | | This XXE vulnerability in ColdFusion allows attackers to read arbitrary files from the server's file |
| 3160 | CVE-2024-45326 | 0.1% | 27.2 | 4.3 | | An authenticated attacker with no privileges can perform unauthorized operations on FortiDeceptor ce |
| 3161 | CVE-2025-0721 | 0.1% | 27 | 4.3 | | This vulnerability allows attackers to inject malicious scripts via the Username parameter in the im |
| 3162 | CVE-2025-22621 | 0.1% | 27 | 6.4 | | CVE-2025-22621 is an improper access control vulnerability in Splunk App for SOAR where following th |
| 3163 | CVE-2022-49502 | 0.1% | 27.1 | 5.5 | | This CVE describes a memory leak vulnerability in the Linux kernel's RGA (Raster Graphic Acceleratio |
| 3164 | CVE-2022-49312 | 0.1% | 27.1 | 5.5 | | This is a memory leak vulnerability in the Linux kernel's rtl8712 WiFi driver. When driver initializ |
| 3165 | CVE-2025-2671 | 0.1% | 27 | 6.3 | | This critical vulnerability in Yue Lao Blind Box software allows remote attackers to upload arbitrar |
| 3166 | CVE-2024-45644 | 0.1% | 27 | 4.7 | | This vulnerability allows privileged users in IBM Security ReaQta to upload dangerous file types tha |
| 3167 | CVE-2025-1949 | 0.1% | 27 | 4.3 | | This vulnerability in ZZCMS 2025 allows cross-site scripting (XSS) attacks through manipulation of t |
| 3168 | CVE-2025-1835 | 0.1% | 27 | 6.3 | | CVE-2025-1835 is a critical unrestricted file upload vulnerability in osuuu LightPicture 1.2.2 that |
| 3169 | CVE-2025-38637 | 0.1% | 27.1 | 5.5 | | A Linux kernel vulnerability in the SKBPRIO queue discipline (qdisc) causes assertion failures when |
| 3170 | CVE-2025-32987 | 0.1% | 27 | 6.0 | | Arctera eDiscovery Platform versions before 10.3.2 expose cleartext passwords on command lines when |
| 3171 | CVE-2024-54188 | 0.1% | 27.1 | 5.3 | | Infoblox NETMRI versions before 7.6.1 contain a vulnerability that allows remote authenticated users |
| 3172 | CVE-2025-4574 | 0.1% | 27 | 6.5 | | A race condition in crossbeam-channel's Channel type Drop implementation can cause double-free memor |
| 3173 | CVE-2025-20283 | 0.1% | 27 | 6.5 | | This vulnerability in Cisco ISE and ISE-PIC allows authenticated attackers with high-privileged cred |
| 3174 | CVE-2025-59386 | 0.1% | 27 | 4.9 | | A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with admi |
| 3175 | CVE-2025-36153 | 0.1% | 27 | 6.1 | | IBM Concert versions 1.0.0 through 2.0.0 contain a cross-site scripting (XSS) vulnerability that all |
| 3176 | CVE-2025-13880 | 0.1% | 27.1 | 6.5 | | The WP Social Ninja WordPress plugin has an authorization bypass vulnerability that allows unauthent |
| 3177 | CVE-2026-20925 | 0.1% | 27 | 6.5 | | This vulnerability allows an attacker to manipulate file paths in Windows NTLM authentication, enabl |
| 3178 | CVE-2026-20872 | 0.1% | 27 | 6.5 | | This vulnerability allows an attacker to manipulate file paths in Windows NTLM authentication, enabl |
| 3179 | CVE-2025-61782 | 0.1% | 27 | 5.4 | | OpenCTI versions before 6.8.3 contain an open redirect vulnerability in the SAML authentication call |
| 3180 | CVE-2023-47159 | 0.1% | 26.7 | 4.3 | | IBM Sterling File Gateway versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 contain an in |
| 3181 | CVE-2024-10324 | 0.1% | 26.9 | 4.3 | | The RomethemeKit For Elementor WordPress plugin exposes sensitive template data through a vulnerabil |
| 3182 | CVE-2025-0409 | 0.1% | 26.8 | 6.3 | | This critical SQL injection vulnerability in liujianview gymxmjpa 1.0 allows remote attackers to exe |
| 3183 | CVE-2025-0407 | 0.1% | 26.8 | 6.3 | | This is a critical SQL injection vulnerability in liujianview gymxmjpa 1.0 that allows remote attack |
| 3184 | CVE-2025-0403 | 0.1% | 26.7 | 5.3 | | This vulnerability in reggie 1.0 allows remote attackers to obtain sensitive information by manipula |
| 3185 | CVE-2024-54849 | 0.1% | 26.8 | 5.9 | | This vulnerability in CP Plus CP-VNR-3104 video network recorders allows attackers to obtain the sec |
| 3186 | CVE-2024-13274 | 0.1% | 26.8 | 5.3 | | This vulnerability in Drupal Open Social allows attackers to abuse functionality by making requests |
| 3187 | CVE-2025-0331 | 0.1% | 26.8 | 5.3 | | This vulnerability in YunzMall allows attackers to remotely bypass password recovery mechanisms thro |
| 3188 | CVE-2024-28778 | 0.1% | 26.8 | 6.5 | | This vulnerability exposes Artifactory API keys in IBM Cognos Controller and IBM Controller, allowin |
| 3189 | CVE-2024-6697 | 0.1% | 26.8 | 6.5 | | This vulnerability in Hitachi Vantara Pentaho Business Analytics Server allows attackers to cause de |
| 3190 | CVE-2024-56463 | 0.1% | 26.7 | 4.8 | | IBM QRadar SIEM 7.5 contains a cross-site scripting vulnerability that allows privileged users to in |
| 3191 | CVE-2024-10940 | 0.1% | 26.8 | 5.3 | | This vulnerability in langchain-core allows unauthorized users to read arbitrary files from the host |
| 3192 | CVE-2025-46599 | 0.1% | 26.8 | 6.8 | | A configuration change in CNCF K3s versions 1.32.0 through 1.32.3 inadvertently enables the kubelet |
| 3193 | CVE-2025-3318 | 0.1% | 26.7 | 6.3 | | This critical SQL injection vulnerability in Kenj_Frog's company-financial-management system version |
| 3194 | CVE-2025-43764 | 0.1% | 26.8 | 6.5 | | This vulnerability allows authenticated users with Kaleo Workflow update permissions to submit malic |
| 3195 | CVE-2025-10965 | 0.1% | 26.9 | 6.3 | | This vulnerability allows remote attackers to execute arbitrary code through insecure deserializatio |
| 3196 | CVE-2025-10950 | 0.1% | 26.9 | 6.3 | | A remote code execution vulnerability exists in geyang ml-logger's ping handler due to unsafe deseri |
| 3197 | CVE-2025-54291 | 0.1% | 26.9 | 5.3 | | This vulnerability allows unauthenticated remote attackers to determine whether specific projects ex |
| 3198 | CVE-2025-13452 | 0.1% | 26.7 | 4.3 | | This vulnerability allows unauthenticated attackers to impersonate any WordPress user and inject arb |
| 3199 | CVE-2025-12937 | 0.1% | 26.7 | 6.5 | | The ACF Flexible Layouts Manager WordPress plugin has an authentication bypass vulnerability that al |
| 3200 | CVE-2025-13107 | 0.1% | 26.7 | 4.3 | | This vulnerability allows attackers to create deceptive UI elements that appear legitimate but are a |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: thousands of CVEs are published every month, and not all of them are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A CVSS 9.8 (critical) vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 (high) vulnerability with 90% EPSS.
