Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

164

EPSS > 50%

156

CISA KEV Listed

35,468

CVEs with EPSS

0.7%

Avg EPSS Score

All Critical High Medium Low

Rank	CVE ID	EPSS Score	Percentile	CVSS	Flags	Summary
3251	CVE-2025-27286	0.37%	58.3th	9.8		This vulnerability allows remote attackers to execute arbitrary code through PHP object injection vi
3252	CVE-2025-30985	0.37%	58.3th	9.8		A PHP object injection vulnerability in GNUCommerce WordPress plugin allows attackers to execute arb
3253	CVE-2025-32568	0.37%	58.3th	9.8		This vulnerability allows attackers to inject malicious objects through deserialization of untrusted
3254	CVE-2025-31612	0.37%	58.3th	9.8		This vulnerability allows attackers to inject malicious PHP objects through deserialization of untru
3255	CVE-2025-31084	0.37%	58.3th	9.8		This vulnerability allows attackers to inject malicious objects through deserialization of untrusted
3256	CVE-2025-6554	0.37%	58.3th	8.1	KEV	This vulnerability is a type confusion flaw in Chrome's V8 JavaScript engine that allows attackers t
3257	CVE-2025-32897	0.37%	58.3th	9.8		This vulnerability allows attackers to execute arbitrary code by sending malicious serialized data t
3258	CVE-2025-10442	0.37%	58.3th	6.3		This vulnerability allows remote attackers to execute arbitrary operating system commands on Tenda A
3259	CVE-2025-11942	0.37%	58.3th	7.3		This vulnerability allows attackers to bypass the pairing authentication mechanism in 70mai X200 das
3260	CVE-2024-12703	0.37%	58.2th	7.8		This CVE describes a deserialization vulnerability in Schneider Electric software where a non-admin
3261	CVE-2025-20175	0.37%	58.2th	7.7		A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau
3262	CVE-2025-20174	0.37%	58.2th	7.7		A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau
3263	CVE-2025-20170	0.37%	58.2th	7.7		A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau
3264	CVE-2025-20169	0.37%	58.2th	7.7		A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cau
3265	CVE-2025-2398	0.37%	58.2th	7.2		This critical vulnerability in China Mobile networking devices allows attackers to use default crede
3266	CVE-2025-4076	0.37%	58.2th	6.3		This critical vulnerability in LB-LINK BL-AC3600 routers allows remote attackers to execute arbitrar
3267	CVE-2024-56528	0.37%	58.2th	7.5		This vulnerability allows attackers to send very large payloads to Snowplow Collector 3.x servers, c
3268	CVE-2025-8180	0.37%	58.2th	8.8		A critical buffer overflow vulnerability in Tenda CH22 routers allows remote attackers to execute ar
3269	CVE-2025-8289	0.37%	58.2th	7.5		This vulnerability in the Redirection for Contact Form 7 WordPress plugin allows unauthenticated att
3270	CVE-2025-8939	0.37%	58.2th	8.8		This vulnerability allows remote attackers to execute arbitrary code on Tenda AC20 routers by exploi
3271	CVE-2025-11001	0.37%	58.2th	7.8		This vulnerability in 7-Zip allows remote attackers to execute arbitrary code by exploiting director
3272	CVE-2025-2360	0.37%	58.1th	7.3		A critical vulnerability in D-Link DIR-823G routers allows remote attackers to bypass authorization
3273	CVE-2025-24297	0.37%	58.1th	9.8		This vulnerability allows attackers to inject malicious JavaScript code into users' personal spaces
3274	CVE-2025-53826	0.37%	58.1th	9.8		File Browser version 2.39.0 has an authentication flaw where JWT tokens remain valid indefinitely ev
3275	CVE-2025-7424	0.37%	58.1th	7.5		A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications
3276	CVE-2025-30461	0.37%	58.1th	9.8		This CVE describes a macOS sandbox bypass vulnerability where malicious applications can access prot
3277	CVE-2025-24245	0.37%	58.1th	9.8		This vulnerability allows malicious applications to bypass verification code rate limiting and acces
3278	CVE-2025-2357	0.37%	58.1th	6.3		A critical memory corruption vulnerability in DCMTK's JPEG-LS decoder allows remote attackers to pot
3279	CVE-2025-2146	0.37%	58.1th	9.8		A buffer overflow vulnerability in the WebService Authentication processing of Canon multifunction p
3280	CVE-2025-55588	0.37%	58.1th	7.5		This buffer overflow vulnerability in TOTOLINK A3002R routers allows attackers to cause Denial of Se
3281	CVE-2025-55586	0.37%	58.1th	7.5		This CVE describes a buffer overflow vulnerability in the TOTOLINK A3002R router's web interface. At
3282	CVE-2025-8878	0.37%	58.1th	6.5		This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes throug
3283	CVE-2025-56099	0.37%	58.1th	8.8		This CVE describes an OS command injection vulnerability in Ruijie RG-YST access points that allows
3284	CVE-2025-68509	0.37%	58.1th	6.1		This CVE describes an open redirect vulnerability in the WordPress User Submitted Posts plugin that
3285	CVE-2025-56113	0.37%	58.1th	8.8		This CVE describes an OS command injection vulnerability in Ruijie RG-YST EST devices that allows at
3286	CVE-2025-32682	0.37%	58th	9.9		This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se
3287	CVE-2025-32445	0.37%	58th	9.9		This CVE allows authenticated users with EventSource/Sensor CRUD permissions in Argo Events to escal
3288	CVE-2025-32140	0.37%	58th	9.9		This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress se
3289	CVE-2025-5147	0.37%	58th	6.3		This critical vulnerability in Netcore routers allows remote attackers to execute arbitrary commands
3290	CVE-2025-55315	0.37%	58th	9.9		CVE-2025-55315 is an HTTP request smuggling vulnerability in ASP.NET Core that allows an authenticat
3291	CVE-2025-67728	0.37%	58th	9.8		CVE-2025-67728 is a command injection vulnerability in Fireshare that allows authenticated users (or
3292	CVE-2025-14093	0.37%	58th	4.7		This CVE describes an OS command injection vulnerability in Edimax BR-6478AC V3 routers. Attackers c
3293	CVE-2023-51320	0.36%	57.9th	5.3		PHPJabbers Night Club Booking Software v1.0 has a CSV injection vulnerability in the Languages secti
3294	CVE-2023-33302	0.36%	57.9th	4.7		This vulnerability allows authenticated attackers with regular webmail access to trigger a buffer ov
3295	CVE-2024-13442	0.36%	57.9th	9.8		This vulnerability allows unauthenticated attackers to take over any user account, including adminis
3296	CVE-2024-57151	0.36%	57.9th	6.8		This SQL injection vulnerability in rainrocka xinhu allows remote attackers to execute arbitrary SQL
3297	CVE-2025-20762	0.36%	57.9th	6.5		This vulnerability in MediaTek modems allows remote denial of service through system crashes when de
3298	CVE-2025-20761	0.36%	57.9th	6.5		This vulnerability in MediaTek modems allows remote denial of service attacks when a user equipment
3299	CVE-2025-20760	0.36%	57.9th	6.5		This vulnerability in MediaTek modems allows reading uninitialized heap data when a device connects
3300	CVE-2024-10574	0.36%	57.9th	7.2		This vulnerability allows unauthenticated attackers to modify Google Sheets integration credentials

← Previous Page 66 of 710 Next →

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free