Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
3401 | CVE-2025-37099 | 0.35% | 57.1 | 9.8 | - | A critical remote code execution vulnerability exists in HPE Insight Remote Support (IRS) software d
3402 | CVE-2025-67397 | 0.35% | 57.1 | 9.1 | - | CVE-2025-67397 is a command injection vulnerability in Passy v1.6.3 that allows authenticated remote
3403 | CVE-2023-51316 | 0.35% | 57.1 | 7.5 | - | This vulnerability allows attackers to abuse the 'Forgot Password' feature in PHPJabbers Bus Reserva
3404 | CVE-2023-51314 | 0.35% | 57.1 | 7.5 | - | This vulnerability allows attackers to send excessive password reset and email change requests to le
3405 | CVE-2023-51293 | 0.35% | 57.1 | 7.5 | - | This vulnerability allows attackers to send excessive password reset or email change requests to leg
3406 | CVE-2025-1011 | 0.35% | 57.1 | 8.8 | - | A WebAssembly code generation bug in Mozilla products could allow attackers to cause crashes and pot
3407 | CVE-2025-21429 | 0.35% | 57.1 | 7.5 | - | This vulnerability allows memory corruption during Wi-Fi connection establishment between a station
3408 | CVE-2025-5978 | 0.35% | 57.1 | 8.8 | - | A critical stack-based buffer overflow vulnerability in Tenda FH1202 routers allows remote attackers
3409 | CVE-2025-20349 | 0.35% | 57 | 6.3 | - | This vulnerability allows authenticated attackers with at least Observer role credentials to execute
3410 | CVE-2026-2135 | 0.35% | 57 | 6.3 | - | This vulnerability allows remote attackers to execute arbitrary commands on UTT HiPER 810 routers by
3411 | CVE-2025-30686 | 0.35% | 56.9 | 7.6 | - | This vulnerability in Oracle Hospitality Simphony allows authenticated attackers with low privileges
3412 | CVE-2025-29981 | 0.35% | 57 | 7.5 | - | Dell Wyse Management Suite versions before 5.1 expose sensitive information through data queries. Un
3413 | CVE-2025-33025 | 0.35% | 57 | 9.9 | - | This vulnerability allows authenticated remote attackers to execute arbitrary code with root privile
3414 | CVE-2025-32469 | 0.35% | 57 | 9.9 | - | A command injection vulnerability in the web interface ping tool of Siemens RUGGEDCOM ROX devices al
3415 | CVE-2025-12493 | 0.35% | 57 | 9.8 | - | This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on Wo
3416 | CVE-2025-14344 | 0.35% | 57 | 9.8 | - | This vulnerability allows unauthenticated attackers to delete arbitrary files on WordPress servers r
3417 | CVE-2021-47921 | 0.35% | 57 | 6.5 | - | Free Photo & Video Vault 0.0.2 contains a directory traversal vulnerability that allows remote attac
3418 | CVE-2024-55926 | 0.35% | 56.9 | 7.6 | - | A vulnerability in Xerox Workplace Suite allows attackers to read, upload, and delete arbitrary file
3419 | CVE-2025-22785 | 0.35% | 56.9 | 9.3 | - | This SQL injection vulnerability in the ComMotion Course Booking System WordPress plugin allows atta
3420 | CVE-2024-53561 | 0.35% | 56.9 | 8.7 | - | A remote code execution vulnerability in Arcadyan Meteor 2 CPE FG360 firmware allows attackers to ex
3421 | CVE-2025-1294 | 0.35% | 56.9 | 7.2 | - | The eForm WordPress Form Builder plugin has a stored cross-site scripting vulnerability that allows
3422 | CVE-2025-50688 | 0.35% | 56.9 | 6.5 | - | This CVE describes a command injection vulnerability in TwistedWeb 14.0.0 that allows remote attacke
3423 | CVE-2025-10134 | 0.35% | 56.9 | 9.1 | - | This vulnerability allows unauthenticated attackers to delete arbitrary files on WordPress servers r
3424 | CVE-2025-1176 | 0.35% | 56.8 | 5.0 | - | A critical heap-based buffer overflow vulnerability in GNU Binutils' linker component (ld) allows re
3425 | CVE-2024-13804 | 0.35% | 56.8 | 9.8 | - | CVE-2024-13804 is an unauthenticated remote code execution vulnerability in HPE Insight Cluster Mana
3426 | CVE-2024-12864 | 0.35% | 56.9 | 7.5 | - | An unauthenticated Denial of Service vulnerability exists in netease-youdao/qanything v2.0.0 where a
3427 | CVE-2025-0370 | 0.35% | 56.8 | 6.4 | - | The WP Shortcodes Plugin — Shortcodes Ultimate for WordPress is vulnerable to stored cross-site sc
3428 | CVE-2025-32908 | 0.35% | 56.9 | 7.5 | - | A vulnerability in libsoup's HTTP/2 server allows improper validation of pseudo-header values, poten
3429 | CVE-2025-3422 | 0.35% | 56.9 | 5.4 | - | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex
3430 | CVE-2025-3594 | 0.35% | 56.9 | 9.8 | - | A path traversal vulnerability in Liferay Portal and DXP allows remote attackers to write arbitrary
3431 | CVE-2025-23310 | 0.35% | 56.8 | 9.8 | - | CVE-2025-23310 is a critical stack buffer overflow vulnerability in NVIDIA Triton Inference Server t
3432 | CVE-2025-22137 | 0.35% | 56.8 | 9.8 | - | CVE-2025-22137 is a critical file overwrite vulnerability in Pingvin Share that allows attackers to
3433 | CVE-2025-24408 | 0.35% | 56.8 | 6.5 | - | Adobe Commerce has an information exposure vulnerability that allows low-privileged attackers to acc
3434 | CVE-2024-39272 | 0.35% | 56.8 | 9.0 | - | A cross-site scripting vulnerability in ClearML Enterprise Server's dataset upload functionality all
3435 | CVE-2025-2859 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers with network access to intercept traffic and steal user session
3436 | CVE-2025-26010 | 0.35% | 56.8 | 9.8 | - | CVE-2025-26010 allows unauthenticated attackers to modify administrator passwords on Telesquare TLR-
3437 | CVE-2024-11087 | 0.35% | 56.8 | 8.1 | - | This vulnerability allows unauthenticated attackers to bypass authentication in WordPress sites usin
3438 | CVE-2025-28238 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers to hijack active user sessions in Elber REBLE310 devices running
3439 | CVE-2025-32648 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers to escalate privileges in Projectopia Projectopia, a WordPress p
3440 | CVE-2025-31380 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers to bypass authentication and reset passwords for any user accoun
3441 | CVE-2025-2567 | 0.35% | 56.8 | 9.8 | - | This critical vulnerability allows attackers to modify or disable settings in Automated Tank Gauging
3442 | CVE-2025-32491 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers to escalate privileges in Rankology SEO WordPress plugin, potent
3443 | CVE-2025-32695 | 0.35% | 56.8 | 9.8 | - | This vulnerability allows attackers to escalate privileges in the Checkout Mestres WP WordPress plug
3444 | CVE-2025-20359 | 0.35% | 56.8 | 6.5 | - | A buffer under-read vulnerability in Snort 3's HTTP decoder allows unauthenticated remote attackers
3445 | CVE-2025-12497 | 0.35% | 56.8 | 8.1 | - | This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on Wo
3446 | CVE-2025-14704 | 0.35% | 56.8 | 7.3 | - | This vulnerability allows remote attackers to perform path traversal attacks via the /eshell API end
3447 | CVE-2026-1470 | 0.35% | 56.8 | 9.9 | - | This critical vulnerability in n8n's workflow Expression evaluation system allows authenticated user
3448 | CVE-2021-47904 | 0.35% | 56.8 | 8.8 | - | CVE-2021-47904 is an authenticated file upload vulnerability in PhreeBooks 5.2.3 that allows attacke
3449 | CVE-2025-24399 | 0.35% | 56.7 | 8.8 | - | This vulnerability allows attackers to bypass authentication on Jenkins instances by exploiting case
3450 | CVE-2024-51919 | 0.35% | 56.6 | 9.0 | - | This vulnerability allows unauthenticated attackers to upload arbitrary files to WordPress sites run

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high-severity CVSS 7.5 vulnerability with a 90% EPSS score.
