Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 301 | CVE-2025-1097 | | 95.5th | 8.8 | | CVE-2025-1097 is a critical vulnerability in ingress-nginx where the auth-tls-match-cn annotation ca |
| 302 | CVE-2025-32463 | | 95.5th | 9.3 | KEV | This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chr |
| 303 | CVE-2025-56819 | | 95.5th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Datart servers by exploiting |
| 304 | CVE-2025-64328 | | 95.4th | 7.2 | KEV | FreePBX Endpoint Manager's filestore module contains a post-authentication command injection vulnera |
| 305 | CVE-2021-4462 | | 95.4th | 9.8 | | CVE-2021-4462 is an unrestricted file upload vulnerability in Employee Records System version 1.0 th |
| 306 | CVE-2025-54948 | | 95.4th | 9.4 | KEV | A critical vulnerability in Trend Micro Apex One (on-premise) management console allows unauthentica |
| 307 | CVE-2025-21277 | | 95.3th | 7.5 | | This vulnerability in Microsoft Message Queuing (MSMQ) allows attackers to cause a denial of service |
| 308 | CVE-2024-13322 | | 95.3th | 7.5 | | This SQL injection vulnerability in the Ads Pro WordPress plugin allows unauthenticated attackers to |
| 309 | CVE-2025-12490 | | 95.3th | 8.8 | | This vulnerability allows authenticated remote attackers to create arbitrary files on Netgate pfSens |
| 310 | CVE-2025-24011 | | 95.2th | 5.3 | | This vulnerability in Umbraco CMS allows attackers to determine whether specific user accounts exist |
| 311 | CVE-2025-55184 | | 95.2th | 7.5 | | A pre-authentication denial of service vulnerability in React Server Components allows attackers to |
| 312 | CVE-2025-5287 | | 95.2th | 7.5 | | This SQL injection vulnerability in the WordPress Likes and Dislikes Plugin allows unauthenticated a |
| 313 | CVE-2025-29814 | | 95.2th | 9.3 | | CVE-2025-29814 is an improper authorization vulnerability in Microsoft Partner Center that allows au |
| 314 | CVE-2025-20333 | | 95.1th | 9.9 | KEV | This critical vulnerability in Cisco ASA and FTD VPN web servers allows authenticated remote attacke |
| 315 | CVE-2024-11635 | | 95.1th | 9.8 | | This vulnerability allows unauthenticated attackers to execute arbitrary code on WordPress servers r |
| 316 | CVE-2025-34045 | | 95.1th | 7.5 | | A path traversal vulnerability in WeiPHP 5.0 allows unauthenticated remote attackers to read arbitra |
| 317 | CVE-2026-22200 | | 95.1th | 7.5 | | This vulnerability allows remote attackers to read arbitrary files from the osTicket server filesyst |
| 318 | CVE-2025-55727 | | 95.1th | 10.0 | | CVE-2025-55727 is a critical remote code execution vulnerability in XWiki Remote Macros that allows |
| 319 | CVE-2024-13488 | | 95th | 7.5 | | This SQL injection vulnerability in the LTL Freight Quotes – Estes Edition WordPress plugin allows |
| 320 | CVE-2024-53615 | | 95th | 6.5 | | This CVE describes a command injection vulnerability in Karl Ward's files.gallery video thumbnail re |
| 321 | CVE-2023-47179 | | 95th | 8.8 | | CVE-2023-47179 is a missing authorization vulnerability in ByConsole WooODT Lite WordPress plugin th |
| 322 | CVE-2024-51818 | | 94.9th | 9.3 | | This SQL injection vulnerability in the Fancy Product Designer WordPress plugin allows attackers to |
| 323 | CVE-2025-25038 | | 94.9th | 9.8 | | A critical OS command injection vulnerability in MiniDVBLinux allows remote unauthenticated attacker |
| 324 | CVE-2025-25579 | | 94.9th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3002R routers |
| 325 | CVE-2025-28146 | | 94.9th | 9.8 | | This CVE describes a critical command injection vulnerability in Edimax AC1200 routers that allows a |
| 326 | CVE-2024-7014 | | 94.9th | 8.1 | | The EvilVideo vulnerability in Telegram for Android allows attackers to send malicious applications |
| 327 | CVE-2025-25163 | | 94.9th | 7.5 | | This path traversal vulnerability in the WordPress Plugin A/B Image Optimizer allows attackers to do |
| 328 | CVE-2025-6934 | | 94.9th | 9.8 | | This vulnerability allows unauthenticated attackers to register accounts with Administrator privileg |
| 329 | CVE-2024-12535 | | 94.9th | 8.6 | | The Host PHP Info WordPress plugin allows unauthenticated attackers to access sensitive server confi |
| 330 | CVE-2024-31903 | | 94.8th | 8.8 | | This vulnerability allows attackers on the local network to execute arbitrary code on IBM Sterling B |
| 331 | CVE-2025-45854 | | 94.8th | 10.0 | | CVE-2025-45854 is a critical remote code execution vulnerability in JEHC-BPM 2.0.1 that allows attac |
| 332 | CVE-2025-36604 | | 94.8th | 7.3 | | This CVE describes an OS command injection vulnerability in Dell Unity storage systems. Unauthentica |
| 333 | CVE-2025-5701 | | 94.8th | 9.8 | | The HyperComments WordPress plugin has a critical vulnerability that allows unauthenticated attacker |
| 334 | CVE-2025-4380 | | 94.7th | 8.1 | | This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on Wo |
| 335 | CVE-2025-22939 | | 94.7th | 9.8 | | A command injection vulnerability in the telnet service of Adtran 411 ONT devices allows unauthentic |
| 336 | CVE-2025-6771 | | 94.7th | 7.2 | | This vulnerability allows authenticated attackers with high privileges in Ivanti Endpoint Manager Mo |
| 337 | CVE-2025-2476 | | 94.7th | 8.8 | | This critical vulnerability in Google Chrome's Lens feature allows remote attackers to execute arbit |
| 338 | CVE-2025-8085 | | 94.7th | 8.6 | | The Ditty WordPress plugin before version 3.1.58 has an authentication bypass vulnerability in its d |
| 339 | CVE-2025-1562 | | 94.6th | 9.8 | | This vulnerability allows unauthenticated attackers to install arbitrary WordPress plugins on sites |
| 340 | CVE-2025-29471 | | 94.6th | 8.3 | | A Cross-Site Scripting (XSS) vulnerability in Nagios Log Server v.2024R1.3.1 allows remote attackers |
| 341 | CVE-2025-2777 | | 94.6th | 9.3 | | SysAid On-Prem versions up to 23.3.40 contain an unauthenticated XML External Entity (XXE) vulnerabi |
| 342 | CVE-2024-10811 | | 94.5th | 9.8 | | This vulnerability allows remote unauthenticated attackers to perform absolute path traversal attack |
| 343 | CVE-2025-6804 | | 94.5th | 7.5 | | This vulnerability allows unauthenticated remote attackers to perform directory traversal attacks on |
| 344 | CVE-2025-6800 | | 94.5th | 7.5 | | This vulnerability allows unauthenticated remote attackers to read arbitrary files on systems runnin |
| 345 | CVE-2025-6797 | | 94.5th | 7.5 | | This vulnerability allows unauthenticated remote attackers to read arbitrary files on Marvell QConve |
| 346 | CVE-2025-48954 | | 94.5th | 8.1 | | Discourse versions before 3.5.0.beta6 are vulnerable to cross-site scripting (XSS) when social login |
| 347 | CVE-2025-63387 | | 94.5th | 7.5 | | CVE-2025-63387 is an insecure permissions vulnerability in Dify v1.9.1 that allows unauthenticated a |
| 348 | CVE-2025-21276 | | 94.5th | 7.5 | | This vulnerability in Windows MapUrlToZone function allows attackers to cause denial of service by c |
| 349 | CVE-2025-30154 | | 94.5th | 8.6 | KEV | CVE-2025-30154 is a supply chain attack where the reviewdog/action-setup GitHub Action was compromis |
| 350 | CVE-2025-22710 | | 94.5th | 7.6 | | This SQL injection vulnerability in the StoreApps Smart Manager WordPress plugin allows attackers to |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.