Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

EPSS > 50%:      164
CISA KEV Listed: 156
CVEs with EPSS:  35,468
Avg EPSS Score:  0.7%
Rank | CVE ID         | EPSS Score | Percentile | CVSS | Summary
3201 | CVE-2025-11522 | 0.38%      | 58.6th     | 9.8  | This vulnerability allows unauthenticated attackers to bypass authentication and take over any user
3202 | CVE-2021-4471  | 0.38%      | 58.6th     | N/A  | TG8 Firewall exposes the /data/ directory via HTTP without authentication, allowing remote attackers
3203 | CVE-2024-12264 | 0.37%      | 58.6th     | 9.8  | This vulnerability allows unauthenticated attackers to create administrative user accounts on WordPr
3204 | CVE-2024-12402 | 0.37%      | 58.6th     | 9.8  | This vulnerability allows unauthenticated attackers to change any WordPress user's password, includi
3205 | CVE-2025-30465 | 0.37%      | 58.6th     | 9.8  | This CVE describes a permissions bypass vulnerability in Apple's Shortcuts app across multiple macOS
3206 | CVE-2024-10361 | 0.37%      | 58.5th     | 9.1  | This vulnerability allows attackers to delete arbitrary files on servers running vulnerable versions
3207 | CVE-2025-1932  | 0.37%      | 58.6th     | 8.1  | A memory corruption vulnerability in Firefox and Thunderbird's XSLT processor could allow attackers
3208 | CVE-2025-4139  | 0.37%      | 58.5th     | 8.8  | A critical buffer overflow vulnerability in Netgear EX6120's fwAcosCgiInbound function allows remote
3209 | CVE-2025-32931 | 0.37%      | 58.6th     | 9.1  | CVE-2025-32931 is an authenticated remote code execution vulnerability in DevDojo Voyager that allow
3210 | CVE-2025-11018 | 0.37%      | 58.5th     | 5.3  | This CVE describes a path traversal vulnerability in Four-Faith Water Conservancy Informatization Pl
3211 | CVE-2025-10709 | 0.37%      | 58.5th     | 5.3  | This CVE describes a path traversal vulnerability in Four-Faith Water Conservancy Informatization Pl
3212 | CVE-2025-10708 | 0.37%      | 58.5th     | 5.3  | This CVE describes a path traversal vulnerability in Four-Faith Water Conservancy Informatization Pl
3213 | CVE-2024-50859 | 0.37%      | 58.5th     | 4.8  | This vulnerability allows attackers to execute malicious JavaScript in victims' browsers when they u
3214 | CVE-2024-13537 | 0.37%      | 58.5th     | 5.3  | The C9 Blocks WordPress plugin contains a publicly accessible file (composer-setup.php) that disclos
3215 | CVE-2025-4135  | 0.37%      | 58.5th     | 6.3  | This CVE describes a critical command injection vulnerability in Netgear WG302v2 wireless access poi
3216 | CVE-2025-5619  | 0.37%      | 58.5th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda CH22 routers allows remote attackers t
3217 | CVE-2025-29523 | 0.37%      | 58.5th     | 7.2  | This CVE describes a command injection vulnerability in D-Link DSL-7740C routers that allows attacke
3218 | CVE-2025-43984 | 0.37%      | 58.5th     | 9.8  | This vulnerability allows remote unauthenticated attackers to execute arbitrary operating system com
3219 | CVE-2025-10230 | 0.37%      | 58.5th     | 10.0 | This critical vulnerability in Samba allows unauthenticated remote attackers to execute arbitrary co
3220 | CVE-2024-9132  | 0.37%      | 58.4th     | 8.1  | This vulnerability allows administrators to configure insecure captive portal scripts in Arista EOS
3221 | CVE-2025-0999  | 0.37%      | 58.5th     | 8.8  | A heap buffer overflow vulnerability in Chrome's V8 JavaScript engine allows remote attackers to pot
3222 | CVE-2025-31685 | 0.37%      | 58.4th     | 9.1  | This CVE describes a Missing Authorization vulnerability in Drupal Open Social that allows Forceful
3223 | CVE-2024-13567 | 0.37%      | 58.4th     | 7.5  | This vulnerability allows unauthenticated attackers to access sensitive files stored in the Awesome
3224 | CVE-2025-59259 | 0.37%      | 58.4th     | 6.5  | This vulnerability in Windows Local Session Manager allows authenticated attackers to cause denial o
3225 | CVE-2025-59257 | 0.37%      | 58.4th     | 6.5  | This vulnerability in Windows Local Session Manager allows authenticated attackers to send specially
3226 | CVE-2023-45760 | 0.37%      | 58.4th     | 4.3  | This CVE describes a Missing Authorization vulnerability in the wpDiscuz WordPress plugin that allow
3227 | CVE-2025-1403  | 0.37%      | 58.4th     | 8.6  | This vulnerability allows remote attackers to cause denial of service by sending maliciously crafted
3228 | CVE-2025-7806  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
3229 | CVE-2025-7805  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
3230 | CVE-2025-7794  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
3231 | CVE-2025-7792  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda FH451 routers allows remote attackers
3232 | CVE-2025-7549  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda FH1201 routers allows remote attackers
3233 | CVE-2025-7544  | 0.37%      | 58.4th     | 8.8  | A critical stack-based buffer overflow vulnerability in Tenda AC1206 routers allows remote attackers
3234 | CVE-2025-9483  | 0.37%      | 58.4th     | 8.8  | A stack-based buffer overflow vulnerability in Linksys RE series range extenders allows remote attac
3235 | CVE-2025-9358  | 0.37%      | 58.4th     | 8.8  | A stack-based buffer overflow vulnerability in Linksys WiFi range extenders allows remote attackers
3236 | CVE-2025-9355  | 0.37%      | 58.4th     | 8.8  | A stack-based buffer overflow vulnerability in Linksys RE series range extenders allows remote attac
3237 | CVE-2025-9023  | 0.37%      | 58.4th     | 8.8  | A buffer overflow vulnerability in Tenda AC7 and AC18 routers allows remote attackers to execute arb
3238 | CVE-2025-9791  | 0.37%      | 58.4th     | 8.8  | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC20 routers via a sta
3239 | CVE-2025-15257 | 0.37%      | 58.4th     | 7.3  | This CVE describes a command injection vulnerability in the Edimax BR-6208AC router's web configurat
3240 | CVE-2025-3874  | 0.37%      | 58.3th     | 6.5  | The WordPress Simple Shopping Cart plugin has an Insecure Direct Object Reference vulnerability that
3241 | CVE-2020-0919  | 0.37%      | 58.3th     | 7.8  | This vulnerability allows attackers to load unsigned binaries in Microsoft Remote Desktop App for Ma
3242 | CVE-2025-52385 | 0.37%      | 58.3th     | 9.8  | This critical vulnerability in Studio 3T allows remote attackers to execute arbitrary code on affect
3243 | CVE-2025-0568  | 0.37%      | 58.2th     | 7.5  | This vulnerability allows remote attackers to cause denial-of-service on Sante PACS Server by sendin
3244 | CVE-2025-26530 | 0.37%      | 58.2th     | 8.3  | This reflected cross-site scripting (XSS) vulnerability in Moodle's question bank filter allows atta
3245 | CVE-2024-13600 | 0.37%      | 58.3th     | 7.5  | This vulnerability allows unauthenticated attackers to access sensitive file attachments from WordPr
3246 | CVE-2025-1514  | 0.37%      | 58.3th     | 7.3  | This vulnerability in the Active Products Tables for WooCommerce WordPress plugin allows unauthentic
3247 | CVE-2024-53388 | 0.37%      | 58.3th     | 8.8  | A DOM Clobbering vulnerability in Mavo v0.3.2 allows attackers to inject malicious HTML elements tha
3248 | CVE-2025-39550 | 0.37%      | 58.3th     | 9.8  | CVE-2025-39550 is a PHP object injection vulnerability in the Shahjahan Jewel FluentCommunity WordPr
3249 | CVE-2025-32658 | 0.37%      | 58.3th     | 9.8  | This vulnerability allows attackers to execute arbitrary code on WordPress sites running the vulnera
3250 | CVE-2025-32572 | 0.37%      | 58.3th     | 9.8  | CVE-2025-32572 is a PHP object injection vulnerability in the Kata Plus WordPress plugin that allows

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
