Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics for the scored set:

  164     CVEs with EPSS > 50%
  156     CVEs listed in the CISA KEV catalog
  35,468  CVEs with an EPSS score
  0.7%    average EPSS score
Rank  CVE ID          EPSS   Percentile  CVSS  Summary
3401  CVE-2025-36896  0.03%  7.2         9.8   This vulnerability in the WLAN subsystem of Android on Google Pixel devices allows local attackers t
3402  CVE-2025-36890  0.03%  7.2         9.8   CVE-2025-36890 is an elevation of privilege vulnerability in Android that allows attackers to gain h
3403  CVE-2025-40604  0.03%  7.1         9.8   This critical vulnerability in SonicWall Email Security appliances allows attackers with access to v
3404  CVE-2026-1868   0.03%  7.1         9.9   This vulnerability in GitLab AI Gateway allows attackers to execute arbitrary code or cause denial o
3405  CVE-2025-47275  0.03%  6.6         9.1   This vulnerability allows attackers to brute-force authentication tags in session cookies of applica
3406  CVE-2025-48129  0.03%  6.5         9.8   This vulnerability allows attackers to escalate privileges in WordPress sites using the Spreadsheet
3407  CVE-2025-63289  0.03%  6.5         9.1   The Sogexia Android app contains hardcoded encryption keys in its SDK, allowing attackers to decrypt
3408  CVE-2026-21430  0.03%  6.7         9.3   CVE-2026-21430 is a CSRF vulnerability in Emlog's article creation functionality that allows attacke
3409  CVE-2026-23796  0.03%  6.5         9.8   Quick.Cart e-commerce software has a session fixation vulnerability where an attacker can set a vict
3410  CVE-2026-25049  0.03%  6.8         9.9   This vulnerability allows authenticated users with workflow creation/modification permissions in n8n
3411  CVE-2025-2828   0.03%  6.4         10.0  This Server-Side Request Forgery (SSRF) vulnerability in langchain-community's RequestsToolkit allow
3412  CVE-2025-43023  0.03%  6.3         9.1   This vulnerability involves HP Linux Imaging and Printing Software using a weak DSA signing key for
3413  CVE-2025-64767  0.03%  6.3         9.1   A race condition in hpke-js's SenderContext Seal() API allows re-use of AEAD nonces across multiple
3414  CVE-2022-50925  0.03%  6.2         9.8   CVE-2022-50925 is a remote keystroke injection vulnerability in Prowise Reflect version 1.0.9 that a
3415  CVE-2026-24465  0.03%  6.5         9.8   A stack-based buffer overflow vulnerability in ELECOM wireless LAN access point devices allows remot
3416  CVE-2025-46408  0.02%  5.7         9.8   This vulnerability in AVTECH EagleEyes 2.0.0 disables HTTPS hostname verification, allowing man-in-t
3417  CVE-2025-61481  0.02%  6.0         10.0  MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default
3418  CVE-2025-68723  0.02%  6.0         9.0   Axigen Mail Server versions before 10.5.57 contain multiple stored XSS vulnerabilities in the WebAdm
3419  CVE-2025-43491  0.02%  5.5         9.8   A vulnerability in Poly Lens Desktop for Windows allows local attackers to modify filesystem permiss
3420  CVE-2025-44005  0.02%  5.6         10.0  This critical vulnerability in Step CA allows attackers to bypass authorization checks in ACME or SC
3421  CVE-2025-7398   0.02%  5.2         9.1   Brocade ASCG versions before 3.3.0 use medium-strength cryptography algorithms on internal ports 900
3422  CVE-2025-45765  0.02%  5.3         9.1   CVE-2025-45765 is a weak encryption vulnerability in ruby-jwt v3.0.0.beta1 that allows attackers to
3423  CVE-2025-47933  0.02%  4.8         9.0   This vulnerability allows attackers to perform cross-site scripting (XSS) attacks in Argo CD's repos
3424  CVE-2025-53391  0.02%  5.0         9.3   This vulnerability in Debian's zuluCrypt package allows local users to escalate privileges to root d
3425  CVE-2025-54010  0.02%  5.1         9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the Shahjahan Jewel FluentSnippets WordPress pl
3426  CVE-2025-27466  0.02%  5.1         9.8   Multiple vulnerabilities in Xen's viridian code allow attackers to cause denial of service or potent
3427  CVE-2025-52835  0.02%  4.9         9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the ConoHa by GMO WING WordPress Migrator plugi
3428  CVE-2026-22583  0.02%  5.0         9.8   This vulnerability allows attackers to inject malicious arguments into Salesforce Marketing Cloud co
3429  CVE-2026-22582  0.02%  5.0         9.8   This vulnerability allows attackers to inject malicious arguments into Salesforce Marketing Cloud co
3430  CVE-2025-63386  0.02%  4.8         9.1   A CORS misconfiguration in Dify v1.9.1 allows arbitrary external domains to make authenticated reque
3431  CVE-2025-64443  0.02%  4.8         9.6   MCP Gateway versions 0.27.0 and earlier are vulnerable to DNS rebinding attacks when running in SSE
3432  CVE-2026-25053  0.02%  4.7         9.9   This vulnerability in n8n workflow automation platform allows authenticated users with workflow crea
3433  CVE-2026-20407  0.02%  4.6         9.3   This CVE describes a privilege escalation vulnerability in MediaTek wlan STA drivers where missing b
3434  CVE-2025-49381  0.02%  4.4         9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the WordPress ads.txt Guru Connect plugin allow
3435  CVE-2025-54321  0.02%  4.4         9.8   Ascertia SigningHub versions through 8.6.8 have a rate limiting vulnerability in the password reset
3436  CVE-2025-63388  0.02%  4.5         9.1   This CVE describes a CORS misconfiguration in Dify v1.9.1 that allows any external domain to make au
3437  CVE-2025-64113  0.02%  4.4         9.8   CVE-2025-64113 is an authentication bypass vulnerability in Emby Server that allows attackers to gai
3438  CVE-2025-13952  0.02%  4.5         9.8   This vulnerability allows remote code execution through malicious web pages containing specially cra
3439  CVE-2026-22586  0.02%  4.3         9.8   A hard-coded cryptographic key vulnerability in Salesforce Marketing Cloud Engagement allows attacke
3440  CVE-2026-25160  0.02%  4.4         9.1   Alist file list program versions before 3.57.0 disable TLS certificate verification by default for a
3441  CVE-2025-15030  0.02%  4.5         9.8   The User Profile Builder WordPress plugin before version 3.15.2 has an improper password reset mecha
3442  CVE-2025-53314  0.02%  4.0         9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the WP Optimizer WordPress plugin allows attack
3443  CVE-2025-55346  0.02%  3.9         9.8   This vulnerability allows remote attackers to execute arbitrary JavaScript code on vulnerable Flowis
3444  CVE-2025-47372  0.02%  3.8         9.0   This vulnerability allows attackers to execute arbitrary code or cause denial of service by providin
3445  CVE-2025-65849  0.02%  3.9         9.1   A cryptanalytic vulnerability in Altcha's Proof-of-Work obfuscation mode allows attackers to recover
3446  CVE-2026-21636  0.02%  4.1         10.0  A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i
3447  CVE-2025-67647  0.02%  4.2         9.1   SvelteKit versions 2.19.0 through 2.49.4 are vulnerable to server-side request forgery (SSRF) and de
3448  CVE-2025-62799  0.02%  3.9         9.8   A heap buffer overflow vulnerability in Fast DDS allows unauthenticated attackers to send a single m
3449  CVE-2026-25052  0.02%  3.4         9.9   This vulnerability in n8n workflow automation platform allows authenticated users with workflow crea
3450  CVE-2025-58997  0.02%  3.1         9.6   A Cross-Site Request Forgery (CSRF) vulnerability in the Frenify Mow WordPress theme allows attacker

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. CVSS rates how severe a flaw is from its technical characteristics (attack vector, privileges required, impact) and says nothing about whether anyone is actually attacking it; EPSS rates how likely exploitation is, combining vulnerability attributes with exploitation activity reported to FIRST, and is recomputed daily. The two numbers answer different questions, which is why EPSS is the better first filter when deciding what to patch first. The Percentile column puts a score in context: it is the share of all scored CVEs whose EPSS is at or below that value, so a percentile of 7.2 means the CVE scores lower than roughly 93% of scored CVEs.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. The rows on this page show how far the two scores can diverge: every entry carries a CVSS of 9.0 or higher, yet each has an EPSS of 0.02% to 0.03%, below the 8th percentile of all scored CVEs. Two caveats apply when acting on the score. A low EPSS is a prediction about the general population of exposed systems, not a promise that a particular internet-facing asset of yours will be left alone, and scores move daily as new exploitation activity is observed, so rankings should be refreshed rather than cached. A CVE in the CISA KEV catalog is confirmed exploited and should be treated as top priority regardless of its EPSS value.
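The prioritisation rule described above (KEV first, then EPSS, CVSS only as a tie-breaker), worked through in code. This is an added example, not code from this page or from FIRST. The EPSS API response is a constructed sample in the shape the FIRST endpoint returns (epss and percentile as decimal strings); the two real CVE rows reuse the values shown in the table above, and the CVE-9999-* entries are placeholder identifiers, not real vulnerabilities. The P1-P4 tier thresholds are this example's assumption.

```python
"""Rank scanner findings by exploit likelihood (EPSS) instead of CVSS alone."""
import json
from dataclasses import dataclass, replace

# FIRST's public EPSS endpoint; the query below uses its cve=<comma-separated list> form.
EPSS_API = "https://api.first.org/data/v1/epss"


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float              # CVSS base score, as reported by the scanner or NVD
    kev: bool = False        # listed in the CISA Known Exploited Vulnerabilities catalog
    epss: float = 0.0        # P(exploited in the next 30 days), 0..1
    percentile: float = 0.0  # rank among all scored CVEs, 0..1


def epss_query_url(cves):
    """Build one batch query for a set of CVE IDs."""
    return f"{EPSS_API}?cve={','.join(sorted(set(cves)))}"


# Constructed sample in the shape of an EPSS API response. The two real CVE rows
# reuse the values from the table above (0.03%/6.4th and 0.02%/4.1th);
# CVE-9999-0001 and CVE-9999-0002 are placeholder IDs standing in for
# high-EPSS findings. Note that epss and percentile arrive as strings.
SAMPLE_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-2828", "epss": "0.00030", "percentile": "0.06400"},
        {"cve": "CVE-2026-21636", "epss": "0.00020", "percentile": "0.04100"},
        {"cve": "CVE-9999-0001", "epss": "0.90000", "percentile": "0.99900"},
        {"cve": "CVE-9999-0002", "epss": "0.12000", "percentile": "0.95000"},
    ],
})

# Constructed scanner output. CVE-9999-0003 (placeholder) is deliberately absent
# from the EPSS response above but on KEV, to show that KEV outranks any prediction.
SAMPLE_FINDINGS = [
    Finding("CVE-2025-2828", cvss=10.0),
    Finding("CVE-2026-21636", cvss=10.0),
    Finding("CVE-9999-0001", cvss=7.5),
    Finding("CVE-9999-0002", cvss=8.1),
    Finding("CVE-9999-0003", cvss=9.8, kev=True),
]


def parse_epss(raw):
    """Map CVE ID -> (epss, percentile) from a response body, converting the strings."""
    body = json.loads(raw)
    if body.get("status") != "OK":
        raise ValueError(f"EPSS API returned status {body.get('status')!r}")
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in body["data"]}


def unscored(findings, scores):
    """CVEs the model has no score for (too new, rejected, or a typo in the ID).
    Absence is not evidence of safety, so report these instead of defaulting silently."""
    return [f.cve for f in findings if f.cve not in scores]


def prioritise(findings, scores):
    """KEV first (confirmed exploitation), then descending EPSS; CVSS only breaks ties."""
    enriched = [replace(f, epss=scores[f.cve][0], percentile=scores[f.cve][1])
                if f.cve in scores else f
                for f in findings]
    return sorted(enriched, key=lambda f: (not f.kev, -f.epss, -f.cvss))


def tier(f):
    """Assumed SLA tiers for this example (not a FIRST or CISA recommendation)."""
    if f.kev or f.epss >= 0.5:
        return "P1"
    if f.epss >= 0.1:
        return "P2"
    if f.cvss >= 9.0:
        return "P3"  # critical severity, low predicted exploitation: the rows above
    return "P4"


if __name__ == "__main__":
    scores = parse_epss(SAMPLE_RESPONSE)
    for f in prioritise(SAMPLE_FINDINGS, scores):
        print(f"{tier(f)} {f.cve:15} EPSS={f.epss:.4f} pct={f.percentile:.3f} "
              f"CVSS={f.cvss:4} KEV={f.kev}")
    print("no EPSS score:", unscored(SAMPLE_FINDINGS, scores))
```

Run as-is to see the ordering: the KEV entry lands first despite having no EPSS score at all, the CVSS 7.5 placeholder with 90% EPSS outranks both CVSS 10.0 CVEs from the table, and the two table entries end up in P3 because nothing but their CVSS argues for urgency. In real use, replace SAMPLE_RESPONSE with the body fetched from epss_query_url(...) and re-run daily, since the scores change.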
