Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
164
EPSS > 50%
156
CISA KEV Listed
35,468
CVEs with EPSS
0.7%
Avg EPSS Score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3351 | CVE-2025-5952 |
|
57.4th | 7.3 | This critical vulnerability in Zend.To allows remote attackers to execute arbitrary operating system | |
| 3352 | CVE-2025-53082 |
|
57.4th | 6.1 | CVE-2025-53082 is an arbitrary file deletion vulnerability in Samsung DMS that allows attackers to d | |
| 3353 | CVE-2025-54418 |
|
57.4th | 9.8 | This CVE describes a command injection vulnerability in CodeIgniter's ImageMagick handler that allow | |
| 3354 | CVE-2025-52395 |
|
57.5th | 9.8 | This vulnerability allows remote attackers to execute arbitrary code on systems running Roadcute API | |
| 3355 | CVE-2025-48392 |
|
57.5th | 7.5 | This vulnerability in Apache IoTDB is an uncontrolled resource consumption issue (CWE-400) that coul | |
| 3356 | CVE-2025-57515 |
|
57.4th | 9.8 | A critical SQL injection vulnerability in Uniclare Student Portal v2 allows remote attackers to exec | |
| 3357 | CVE-2025-63888 |
|
57.5th | 9.8 | A remote code execution vulnerability exists in ThinkPHP 5.0.24's template file driver. Attackers ca | |
| 3358 | CVE-2025-66211 |
|
57.5th | 8.8 | Coolify versions before 4.0.0-beta.451 contain an authenticated command injection vulnerability in P | |
| 3359 | CVE-2025-66210 |
|
57.5th | 8.8 | CVE-2025-66210 is an authenticated command injection vulnerability in Coolify's Database Import func | |
| 3360 | CVE-2021-47748 |
|
57.4th | 9.8 | CVE-2021-47748 is a critical remote code execution vulnerability in Hasura GraphQL Engine that allow | |
| 3361 | CVE-2025-21378 |
|
57.4th | 7.8 | This vulnerability in Windows CSC (Client Side Caching) Service allows local attackers to escalate p | |
| 3362 | CVE-2025-21304 |
|
57.4th | 7.8 | This is a use-after-free vulnerability in Microsoft's Desktop Window Manager (DWM) Core Library that | |
| 3363 | CVE-2025-21281 |
|
57.4th | 7.8 | This vulnerability in Microsoft COM for Windows allows attackers to gain elevated privileges on affe | |
| 3364 | CVE-2025-21271 |
|
57.4th | 7.8 | This vulnerability in the Windows Cloud Files Mini Filter Driver allows attackers to gain SYSTEM-lev | |
| 3365 | CVE-2025-31678 |
|
57.4th | 8.2 | This CVE describes a Missing Authorization vulnerability in Drupal AI that allows attackers to acces | |
| 3366 | CVE-2025-20236 |
|
57.3th | 8.8 | A vulnerability in Cisco Webex App's URL parser allows unauthenticated remote attackers to trick use | |
| 3367 | CVE-2025-37092 |
|
57.4th | 9.8 | A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbit | |
| 3368 | CVE-2025-37091 |
|
57.4th | 7.2 | A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbit | |
| 3369 | CVE-2025-37089 |
|
57.4th | 9.8 | A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbit | |
| 3370 | CVE-2025-60424 |
|
57.3th | 7.6 | This vulnerability allows attackers to bypass two-factor authentication in Nagios Fusion by brute-fo | |
| 3371 | CVE-2024-55656 |
|
57.3th | 8.8 | An integer overflow vulnerability in RedisBloom's CMS.INITBYDIM command allows authenticated Redis c | |
| 3372 | CVE-2024-13606 |
|
57.3th | 7.5 | The JS Help Desk WordPress plugin exposes sensitive support ticket attachments to unauthenticated at | |
| 3373 | CVE-2024-13568 |
|
57.3th | 7.5 | The Fluent Support WordPress plugin exposes sensitive ticket attachments to unauthenticated attacker | |
| 3374 | CVE-2025-6102 |
|
57.3th | 8.8 | This critical vulnerability in Wifi-soft UniBox Controller allows remote attackers to execute arbitr | |
| 3375 | CVE-2025-7145 |
|
57.3th | 7.2 | CVE-2025-7145 is an OS command injection vulnerability in ThreatSonar Anti-Ransomware that allows re | |
| 3376 | CVE-2025-66555 |
|
57.3th | N/A | AirKeyboard iOS App 1.0.5 has a missing authentication vulnerability that allows unauthenticated att | |
| 3377 | CVE-2025-24381 |
|
57.2th | 8.8 | Dell Unity storage systems version 5.4 and earlier contain an open redirect vulnerability that allow | |
| 3378 | CVE-2025-6887 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda AC5 routers allows remote attackers to | |
| 3379 | CVE-2025-5798 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda AC8 routers allows remote attackers to | |
| 3380 | CVE-2025-5794 |
|
57.3th | 8.8 | A critical buffer overflow vulnerability in Tenda AC5 routers allows remote attackers to execute arb | |
| 3381 | CVE-2025-7423 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda O3V2 routers allows remote attackers t | |
| 3382 | CVE-2025-7421 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda O3V2 routers allows remote attackers t | |
| 3383 | CVE-2025-7420 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda O3V2 routers allows remote attackers t | |
| 3384 | CVE-2025-7418 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability in Tenda O3V2 routers allows remote attackers t | |
| 3385 | CVE-2025-7416 |
|
57.3th | 8.8 | A critical stack-based buffer overflow vulnerability exists in Tenda O3V2 routers running firmware v | |
| 3386 | CVE-2025-13156 |
|
57.2th | 8.8 | The Vitepos WordPress plugin allows authenticated users with subscriber-level access or higher to up | |
| 3387 | CVE-2025-12161 |
|
57.2th | 8.8 | The Smart Auto Upload Images WordPress plugin allows authenticated attackers with Contributor-level | |
| 3388 | CVE-2025-58078 |
|
57.2th | 7.5 | An unauthenticated remote attacker can exploit a relative path traversal vulnerability in Productivi | |
| 3389 | CVE-2025-57457 |
|
57.1th | 8.8 | This CVE describes an OS command injection vulnerability in the Curo UC300 admin panel where local a | |
| 3390 | CVE-2025-20793 |
|
57.2th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through system crashes when de | |
| 3391 | CVE-2025-0617 |
|
57.1th | 5.9 | This XML entity expansion vulnerability in HX 10.0.0 and earlier allows attackers to cause denial of | |
| 3392 | CVE-2025-24438 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3393 | CVE-2025-24417 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3394 | CVE-2025-24416 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3395 | CVE-2025-24415 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3396 | CVE-2025-24414 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3397 | CVE-2025-24413 |
|
57.1th | 8.7 | A stored cross-site scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3398 | CVE-2025-24412 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3399 | CVE-2025-24410 |
|
57.1th | 8.7 | A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers | |
| 3400 | CVE-2025-3057 |
|
57.1th | 6.1 | This Cross-Site Scripting (XSS) vulnerability in Drupal core allows attackers to inject malicious sc |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS which measures severity, EPSS measures likelihood of exploitation — making it ideal for prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
Prioritize by Exploit Risk
Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
Start Monitoring Free