Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary figures:
EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Ranks 3201 to 3250 of the list. Every row shown here carries the same rounded EPSS score of 0.04%; the Percentile column (the share of all scored CVEs whose EPSS score is at or below this one) and the CVSS column are what separate them. No Flags are set on any of these rows, so that column is omitted. Summaries are truncated as on the page.

Rank | CVE ID | EPSS | Percentile | CVSS | Summary
3201 | CVE-2025-60279 | 0.04% | 12.6 | 9.6 | This SSRF vulnerability in Illia Cloud illia-Builder allows authenticated users to make arbitrary re
3202 | CVE-2025-41115 | 0.04% | 12.4 | 10.0 | A critical vulnerability in Grafana's SCIM provisioning allows malicious SCIM clients to provision u
3203 | CVE-2026-25876 | 0.04% | 12.5 | 9.1 | PlaciPy placement management system version 1.0.0 has a missing object-level authorization vulnerabi
3204 | CVE-2026-25810 | 0.04% | 12.5 | 9.1 | PlaciPy placement management system version 1.0.0 has an authorization vulnerability where authentic
3205 | CVE-2025-10573 | 0.04% | 12.7 | 9.6 | This stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager allows unauthenticat
3206 | CVE-2026-22184 | 0.04% | 12.5 | 9.8 | This CVE describes a global buffer overflow vulnerability in zlib's untgz utility when processing ex
3207 | CVE-2025-5098 | 0.04% | 12.2 | 9.1 | The PrinterShare Android application allows attackers to capture Gmail authentication tokens, enabli
3208 | CVE-2025-70314 | 0.04% | 12.2 | 9.8 | CVE-2025-70314 is a critical buffer overflow vulnerability in webfsd 1.21 that allows remote attacke
3209 | CVE-2025-48122 | 0.04% | 12.1 | 9.3 | This SQL injection vulnerability in the Spreadsheet Price Changer plugin for WooCommerce and WP E-co
3210 | CVE-2025-31424 | 0.04% | 12.1 | 9.3 | This SQL injection vulnerability in the WP Lead Capturing Pages WordPress plugin allows attackers to
3211 | CVE-2025-31059 | 0.04% | 12.1 | 9.3 | This SQL injection vulnerability in the WBW Product Table PRO WordPress plugin allows attackers to e
3212 | CVE-2025-24767 | 0.04% | 12.1 | 9.3 | This SQL injection vulnerability in the TicketBAI Facturas para WooCommerce WordPress plugin allows
3213 | CVE-2025-49535 | 0.04% | 12.1 | 9.3 | This XXE vulnerability in Adobe ColdFusion allows attackers to bypass security restrictions and acce
3214 | CVE-2025-45006 | 0.04% | 12.2 | 9.1 | This vulnerability in Rocket Chip RISC-V processors allows unauthorized access to physical memory du
3215 | CVE-2025-8660 | 0.04% | 12.2 | 9.8 | CVE-2025-8660 is a critical privilege escalation vulnerability in Broadcom software that allows auth
3216 | CVE-2025-67135 | 0.04% | 12.4 | 9.8 | This vulnerability in the PF-50 1.2 keyfob of the PGST PG107 Alarm System allows attackers to perfor
3217 | CVE-2025-11242 | 0.04% | 12.4 | 9.8 | This Server-Side Request Forgery (SSRF) vulnerability in Teknolist Okulistik allows attackers to mak
3218 | CVE-2026-25057 | 0.04% | 12.1 | 9.1 | This vulnerability allows instructors to achieve arbitrary file write on the server by uploading spe
3219 | CVE-2025-66602 | 0.04% | 12.2 | 9.8 | This vulnerability in Yokogawa's FAST/TOOLS allows web servers to be accessed directly by IP address
3220 | CVE-2025-66567 | 0.04% | 12.2 | 9.1 | The ruby-saml library contains an authentication bypass vulnerability due to XML parsing differences
3221 | CVE-2026-24740 | 0.04% | 12.2 | 9.9 | This vulnerability in Dozzle allows users restricted by label filters to bypass container isolation
3222 | CVE-2026-24874 | 0.04% | 12.1 | 9.1 | This is a type confusion vulnerability in the xray-monolith software that allows attackers to access
3223 | CVE-2025-61246 | 0.04% | 12.3 | 9.8 | This vulnerability allows attackers to execute arbitrary SQL commands through the proId parameter in
3224 | CVE-2022-50981 | 0.04% | 12.1 | 9.8 | CVE-2022-50981 allows unauthenticated remote attackers to gain full administrative access to affecte
3225 | CVE-2025-8572 | 0.04% | 12.1 | 9.8 | The Truelysell Core WordPress plugin allows unauthenticated attackers to create administrator accoun
3226 | CVE-2026-25996 | 0.04% | 11.9 | 9.8 | This vulnerability in Inspektor Gadget allows malicious containers to inject ANSI escape sequences i
3227 | CVE-2026-24895 | 0.04% | 11.9 | 9.8 | This vulnerability in FrankenPHP allows an attacker to manipulate Unicode characters in request path
3228 | CVE-2025-6179 | 0.04% | 12.0 | 9.8 | This vulnerability allows a local attacker on managed ChromeOS devices to bypass extension managemen
3229 | CVE-2025-26854 | 0.04% | 12.0 | 9.8 | This SQL injection vulnerability in the Articles Good Search extension for Joomla allows attackers t
3230 | CVE-2025-50240 | 0.04% | 12.0 | 9.8 | CVE-2025-50240 is a critical SQL injection vulnerability in nbcio-boot v1.0.3 that allows attackers
3231 | CVE-2025-28982 | 0.04% | 12.0 | 9.3 | This SQL injection vulnerability in the WP Pipes WordPress plugin allows attackers to execute arbitr
3232 | CVE-2025-53632 | 0.04% | 11.9 | 9.1 | CVE-2025-53632 is a path traversal vulnerability (zip slip) in Chall-Manager that allows unauthentic
3233 | CVE-2025-50251 | 0.04% | 12.1 | 9.1 | This SSRF vulnerability in makeplane plane 0.23.1 allows attackers to make unauthorized requests fro
3234 | CVE-2025-54794 | 0.04% | 11.8 | 9.1 | CVE-2025-54794 is a path traversal vulnerability in Claude Code versions below 0.2.111 that allows a
3235 | CVE-2025-58143 | 0.04% | 11.9 | 9.8 | CVE-2025-58143 is a race condition vulnerability in Xen's viridian code that allows a malicious gues
3236 | CVE-2025-52410 | 0.04% | 12.0 | 9.8 | Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the my
3237 | CVE-2025-54947 | 0.04% | 11.8 | 9.8 | Apache StreamPark versions 2.0.0 through 2.1.6 use a hard-coded encryption key, allowing attackers t
3238 | CVE-2025-49055 | 0.04% | 12.0 | 9.8 | This SQL injection vulnerability in the WP Lead Capturing Pages WordPress plugin allows attackers to
3239 | CVE-2025-70892 | 0.04% | 12.0 | 9.8 | CVE-2025-70892 is a critical SQL injection vulnerability in Phpgurukul Cyber Cafe Management System
3240 | CVE-2025-52714 | 0.04% | 11.6 | 9.3 | This SQL injection vulnerability in the Traveler WordPress theme allows attackers to execute arbitra
3241 | CVE-2025-28959 | 0.04% | 11.6 | 9.3 | This SQL injection vulnerability in the URL Shortener WordPress plugin allows attackers to execute a
3242 | CVE-2025-28983 | 0.04% | 11.6 | 9.8 | This SQL injection vulnerability in ClickandPledge Click & Pledge Connect WordPress plugin allows at
3243 | CVE-2025-57801 | 0.04% | 11.4 | 9.1 | This vulnerability in gnark's signature verification allows signature malleability, enabling multipl
3244 | CVE-2025-54982 | 0.04% | 11.7 | 9.6 | This vulnerability allows attackers to bypass SAML authentication in Zscaler's identity provider imp
3245 | CVE-2025-58361 | 0.04% | 11.7 | 9.3 | CVE-2025-58361 is a cross-site scripting (XSS) vulnerability in Promptcraft Forge Studio where insuf
3246 | CVE-2025-22435 | 0.04% | 11.4 | 9.8 | This vulnerability allows memory corruption via type confusion in Android's Bluetooth AVDT protocol
3247 | CVE-2025-34282 | 0.04% | 11.7 | 9.1 | This SSRF vulnerability in ThingsBoard allows attackers to upload malicious SVG files that trigger o
3248 | CVE-2026-0488 | 0.04% | 11.5 | 9.9 | An authenticated attacker in SAP CRM and SAP S/4HANA can exploit a flaw in the Scripting Editor's ge
3249 | CVE-2025-10571 | 0.04% | 11.3 | 9.6 | CVE-2025-10571 is an authentication bypass vulnerability in ABB Ability Edgenius that allows attacke
3250 | CVE-2025-66568 | 0.04% | 11.6 | 9.1 | The ruby-saml library versions up to 1.12.4 are vulnerable to authentication bypass via Signature Wr

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. CVSS measures severity (how bad successful exploitation would be); EPSS measures likelihood (how probable exploitation is), which is what makes it useful for deciding what to patch first. The score is a probability between 0 and 1 (shown here as a percentage), and the accompanying percentile is the share of all scored CVEs whose EPSS score is at or below that value. FIRST republishes scores daily, so a CVE's EPSS moves over time as exploit evidence appears or fades.

Why EPSS matters: with thousands of CVEs published every month, not all of them are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited instead of patching purely in CVSS order. A CVSS 9.8 critical with 0.1% EPSS may be less urgent than a CVSS 7.5 high with 90% EPSS. EPSS says nothing about impact in your own environment, and it is a prediction rather than a confirmation, so it complements rather than replaces the CISA KEV catalog (confirmed exploitation) and your own exposure data (internet-facing, unauthenticated, business-critical).
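The prioritization rule described above, as an added example that is not code from this page or from FIRST.org: it parses an EPSS API-style JSON body, joins it with CVSS scores and KEV membership, recomputes the headline figures the page shows (count above 50%, KEV count, total, mean score), derives a percentile the way EPSS defines it, and sorts by KEV membership, then EPSS, then CVSS. The JSON is constructed to match the shape of the FIRST EPSS API response (the `epss` and `percentile` fields are strings holding probabilities in [0, 1]); the CVE IDs, CVSS values and KEV flags are made-up sample data.

```python
"""Prioritize CVEs by exploit likelihood (EPSS), not severity alone.

Added example, not code from the page or from FIRST.org. EPSS_API_JSON is
constructed to mimic the shape returned by https://api.first.org/data/v1/epss;
the CVE IDs, CVSS scores and KEV flags below are illustrative sample data.
"""
import json
from dataclasses import dataclass

# Constructed sample in the shape of an EPSS API response (values are made up).
EPSS_API_JSON = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2024-0001", "epss": "0.900000", "percentile": "0.998000", "date": "2026-03-01"},
        {"cve": "CVE-2024-0002", "epss": "0.001000", "percentile": "0.350000", "date": "2026-03-01"},
        {"cve": "CVE-2024-0003", "epss": "0.000400", "percentile": "0.126000", "date": "2026-03-01"},
        {"cve": "CVE-2024-0004", "epss": "0.550000", "percentile": "0.990000", "date": "2026-03-01"},
        {"cve": "CVE-2024-0005", "epss": "0.020000", "percentile": "0.880000", "date": "2026-03-01"},
    ],
})

# Constructed: severity and KEV membership as a scanner or inventory would supply them.
CVSS_BY_CVE = {"CVE-2024-0001": 7.5, "CVE-2024-0002": 9.8, "CVE-2024-0003": 9.6,
               "CVE-2024-0004": 5.3, "CVE-2024-0005": 8.8}
KEV_LISTED = {"CVE-2024-0005"}


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float        # probability of exploitation in the next 30 days, 0..1
    percentile: float  # share of scored CVEs with an EPSS score <= this one
    cvss: float
    kev: bool          # confirmed exploited (CISA KEV)


def parse_epss_response(raw: str) -> dict:
    """Return {cve: (epss, percentile)} from an EPSS API JSON body."""
    body = json.loads(raw)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {body.get('status')!r}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"])) for row in body["data"]}


def join_findings(epss: dict, cvss_by_cve: dict, kev_listed: set) -> list:
    """Attach CVSS and KEV membership to each scored CVE (CVSS defaults to 0.0 if unknown)."""
    return [Finding(cve, e, p, cvss_by_cve.get(cve, 0.0), cve in kev_listed)
            for cve, (e, p) in epss.items()]


def summary_stats(findings: list) -> dict:
    """Headline numbers like the page's: count with EPSS > 50%, KEV count, total, mean EPSS."""
    n = len(findings)
    return {
        "epss_over_50pct": sum(f.epss > 0.5 for f in findings),
        "kev_listed": sum(f.kev for f in findings),
        "cves_with_epss": n,
        "avg_epss": round(sum(f.epss for f in findings) / n, 4) if n else 0.0,
    }


def empirical_percentile(score: float, all_scores: list) -> float:
    """Fraction of scores at or below `score`, which is how EPSS defines its percentile."""
    return sum(s <= score for s in all_scores) / len(all_scores)


def prioritize(findings: list) -> list:
    """KEV first (exploitation confirmed), then by EPSS, with CVSS as the tie-breaker."""
    return sorted(findings, key=lambda f: (f.kev, f.epss, f.cvss), reverse=True)


def patch_order(raw: str = EPSS_API_JSON, cvss: dict = CVSS_BY_CVE, kev: set = KEV_LISTED) -> list:
    """CVE IDs in the order they should be patched."""
    return [f.cve for f in prioritize(join_findings(parse_epss_response(raw), cvss, kev))]


if __name__ == "__main__":
    findings = join_findings(parse_epss_response(EPSS_API_JSON), CVSS_BY_CVE, KEV_LISTED)
    print(summary_stats(findings))
    for f in prioritize(findings):
        print(f"{f.cve} epss={f.epss:.2%} pct={f.percentile:.1%} cvss={f.cvss} kev={f.kev}")
```

Note the effect of the ordering: the CVSS 9.8 entry with 0.1% EPSS ends up near the bottom, while the KEV-listed CVSS 8.8 entry goes first even though its EPSS is only 2%, because confirmed exploitation outranks a prediction. Against the real API, replace `EPSS_API_JSON` with the body of a GET to the endpoint named above (it accepts a comma-separated `cve` parameter); the parsing and ranking do not change.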

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
