Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated likelihood that the CVE will be exploited in the wild within the next 30 days. The Percentile column is the share of all scored CVEs whose EPSS score is at or below this one, so "56.6th" places the entry just above the median of the whole CVE population.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3451 | CVE-2025-0968 | | 56.6th | 5.3 | | The ElementsKit Elementor addons plugin for WordPress has an information disclosure vulnerability th |
| 3452 | CVE-2025-49013 | | 56.7th | 9.9 | | This CVE describes a critical code injection vulnerability in WilderForge GitHub Actions workflows w |
| 3453 | CVE-2025-30067 | | 56.6th | 7.2 | | This CVE describes a code injection vulnerability in Apache Kylin where attackers with admin access |
| 3454 | CVE-2024-12070 | | 56.6th | 7.5 | | This vulnerability allows unauthenticated attackers to cause denial of service by sending file uploa |
| 3455 | CVE-2025-25214 | | 56.6th | 8.8 | | A race condition vulnerability in WWBN AVideo's aVideoEncoder.json.php unzip functionality allows at |
| 3456 | CVE-2025-11456 | | 56.6th | 9.8 | | The ELEX WordPress HelpDesk plugin has a critical vulnerability allowing unauthenticated attackers t |
| 3457 | CVE-2025-64988 | | 56.6th | 7.2 | | A command injection vulnerability in TeamViewer DEX (formerly 1E DEX) allows authenticated attackers |
| 3458 | CVE-2025-64987 | | 56.6th | 7.2 | | A command injection vulnerability in TeamViewer DEX (formerly 1E DEX) allows authenticated attackers |
| 3459 | CVE-2025-64986 | | 56.6th | 7.2 | | A command injection vulnerability in TeamViewer DEX (formerly 1E DEX) allows authenticated attackers |
| 3460 | CVE-2025-24319 | | 56.6th | 6.5 | | This vulnerability allows attackers to send specific API requests to BIG-IP Next Central Manager tha |
| 3461 | CVE-2025-24368 | | 56.5th | 7.5 | | This SQL injection vulnerability in Cacti allows attackers to manipulate database queries through th |
| 3462 | CVE-2025-3664 | | 56.5th | 5.3 | | This critical vulnerability in TOTOLINK A3700R routers allows attackers to bypass access controls on |
| 3463 | CVE-2025-23391 | | 56.6th | 9.1 | | A privilege escalation vulnerability in SUSE Rancher allows Restricted Administrators to change pass |
| 3464 | CVE-2025-2317 | | 56.5th | 7.5 | | The Product Filter by WBW WordPress plugin contains a time-based SQL injection vulnerability that al |
| 3465 | CVE-2025-69828 | | 56.5th | 10.0 | | A critical file upload vulnerability in TMS Global Software TMS Management Console allows remote att |
| 3466 | CVE-2024-8149 | | 56.5th | 4.6 | | A reflected Cross-Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS allows authenticated |
| 3467 | CVE-2025-57794 | | 56.5th | 9.1 | | Explorance Blue versions before 8.14.9 contain an authenticated unrestricted file upload vulnerabili |
| 3468 | CVE-2026-0963 | | 56.5th | 9.9 | | An input neutralization vulnerability in Crafty Controller's File Operations API Endpoint allows aut |
| 3469 | CVE-2020-36084 | | 56.4th | 9.8 | | This SQL injection vulnerability in Responsive E-Learning System 1.0 allows remote attackers to exec |
| 3470 | CVE-2025-1943 | | 56.5th | 8.2 | | CVE-2025-1943 is a heap-based buffer overflow vulnerability in Firefox and Thunderbird that could al |
| 3471 | CVE-2025-1502 | | 56.5th | 5.3 | | The IP2Location Redirection plugin for WordPress has an authentication bypass vulnerability that all |
| 3472 | CVE-2025-11171 | | 56.4th | 5.3 | | The Chartify WordPress plugin has a critical authentication bypass vulnerability that allows unauthe |
| 3473 | CVE-2023-53980 | | 56.5th | 9.8 | | CVE-2023-53980 is a critical remote code execution vulnerability in ProjectSend r1605 that allows at |
| 3474 | CVE-2026-22688 | | 56.5th | 9.9 | | CVE-2026-22688 is a command injection vulnerability in WeKnora that allows authenticated users to in |
| 3475 | CVE-2025-20014 | | 56.4th | 9.8 | | CVE-2025-20014 is a critical OS command injection vulnerability in mySCADA myPRO software that allow |
| 3476 | CVE-2025-26533 | | 56.4th | 8.1 | | This SQL injection vulnerability in Moodle's course search module filter allows attackers to execute |
| 3477 | CVE-2024-55210 | | 56.4th | 9.8 | | This vulnerability allows attackers to bypass multi-factor authentication in TOTVS Framework (Linha |
| 3478 | CVE-2025-10443 | | 56.4th | 8.8 | | A buffer overflow vulnerability in Tenda AC9 and AC15 routers allows remote attackers to execute arb |
| 3479 | CVE-2025-61196 | | 56.4th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on BusinessNext CRMnext systems |
| 3480 | CVE-2025-0762 | | 56.3th | 8.8 | | This CVE describes a use-after-free vulnerability in Chrome's DevTools that could allow heap corrupt |
| 3481 | CVE-2025-20156 | | 56.4th | 9.9 | | This vulnerability allows authenticated users with low privileges in Cisco Meeting Management to ele |
| 3482 | CVE-2025-24497 | | 56.3th | 7.5 | | This vulnerability in F5 BIG-IP systems allows attackers to cause Traffic Management Microkernel (TM |
| 3483 | CVE-2025-24326 | | 56.3th | 7.5 | | A memory exhaustion vulnerability in F5 BIG-IP Advanced WAF/ASM when the Behavioral DoS TLS Signatur |
| 3484 | CVE-2025-24312 | | 56.3th | 7.5 | | This vulnerability in BIG-IP AFM with IPS module enabled allows undisclosed traffic to cause excessi |
| 3485 | CVE-2025-23412 | | 56.3th | 7.5 | | This vulnerability in BIG-IP APM allows an attacker to send specially crafted requests that cause th |
| 3486 | CVE-2025-22891 | | 56.3th | 7.5 | | This vulnerability in F5 BIG-IP PEM allows undisclosed traffic to cause a denial of service by stopp |
| 3487 | CVE-2025-22846 | | 56.3th | 7.5 | | This vulnerability in F5 BIG-IP systems causes the Traffic Management Microkernel (TMM) to crash whe |
| 3488 | CVE-2025-21091 | | 56.3th | 7.5 | | This vulnerability in F5 BIG-IP systems allows attackers to cause memory exhaustion through undisclo |
| 3489 | CVE-2025-21087 | | 56.3th | 7.5 | | This vulnerability allows attackers to cause resource exhaustion on F5 BIG-IP systems by sending spe |
| 3490 | CVE-2025-20058 | | 56.3th | 7.5 | | This vulnerability in F5 BIG-IP message routing profiles allows undisclosed traffic to cause excessi |
| 3491 | CVE-2025-2290 | | 56.3th | 5.3 | | The LifterLMS WordPress plugin has an unauthenticated post trashing vulnerability that allows attack |
| 3492 | CVE-2025-65202 | | 56.3th | 8.0 | | This vulnerability allows authenticated attackers to execute arbitrary operating system commands wit |
| 3493 | CVE-2025-64693 | | 56.3th | 9.8 | | A heap-based buffer overflow vulnerability in MaLion and MaLionCloud's Windows Security Point compon |
| 3494 | CVE-2025-62691 | | 56.3th | 9.8 | | This critical vulnerability in MaLion and MaLionCloud Security Point for Windows allows remote unaut |
| 3495 | CVE-2025-67707 | | 56.3th | 5.6 | | ArcGIS Server versions 11.5 and earlier on Windows and Linux contain a file upload vulnerability tha |
| 3496 | CVE-2025-67706 | | 56.3th | 5.6 | | ArcGIS Server versions 11.5 and earlier on Windows and Linux contain a file upload vulnerability whe |
| 3497 | CVE-2024-12859 | | 56.2th | 8.8 | | The BoomBox Theme Extensions plugin for WordPress has a Local File Inclusion vulnerability that allo |
| 3498 | CVE-2025-30095 | | 56.3th | 9.0 | | This vulnerability allows attackers to conduct man-in-the-middle attacks against SSH connections usi |
| 3499 | CVE-2024-12563 | | 56.2th | 8.8 | | The s2Member Pro WordPress plugin has a Local File Inclusion vulnerability that allows authenticated |
| 3500 | CVE-2025-30730 | | 56.3th | 7.5 | | This vulnerability allows unauthenticated attackers to cause a denial of service (DoS) in Oracle App |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model published by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it a useful input for deciding which vulnerabilities to patch first.
Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS lets security teams concentrate on the CVEs most likely to be exploited instead of patching purely by CVSS score. A CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a CVSS 7.5 vulnerability with a 90% EPSS score. Two caveats a practitioner should keep in mind: EPSS is a population-level estimate that knows nothing about your exposure (whether the vulnerable component is reachable, internet-facing, or business-critical), and scores are re-published daily, so a ranking should be refreshed rather than cached indefinitely.
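As an added example (not code from this page or from FIRST), the script below parses an EPSS API response, builds an EPSS-first and a CVSS-first patch order under a fixed budget, and reports how much of the expected exploitation each order covers. The CVE IDs and CVSS values are taken from the table above; the EPSS and percentile values are constructed for illustration and are not real scores. `fetch_epss` targets the public FIRST endpoint and needs network access, so the offline run uses the embedded sample instead.

```python
"""Rank CVEs by EPSS and compare the result with a CVSS-only patch order.

Added example; not part of the original page or of FIRST's own tooling.
"""
from __future__ import annotations

import json
import urllib.request
from dataclasses import dataclass

EPSS_API = "https://api.first.org/data/v1/epss"

# Constructed sample in the JSON shape the EPSS API returns
# (a "status" field and a "data" list of {cve, epss, percentile, date},
# with the numbers encoded as strings). CVE IDs are from the table above;
# the epss/percentile values are ILLUSTRATIVE, not real scores.
SAMPLE_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-2025-20014", "epss": "0.001", "percentile": "0.30", "date": "2026-01-01"},
        {"cve": "CVE-2025-24368", "epss": "0.900", "percentile": "0.998", "date": "2026-01-01"},
        {"cve": "CVE-2025-0968", "epss": "0.050", "percentile": "0.93", "date": "2026-01-01"},
        {"cve": "CVE-2025-1943", "epss": "0.002", "percentile": "0.45", "date": "2026-01-01"},
        {"cve": "CVE-2025-49013", "epss": "0.200", "percentile": "0.96", "date": "2026-01-01"},
    ],
})

# CVSS base scores as listed in the table above.
CVSS = {
    "CVE-2025-20014": 9.8,
    "CVE-2025-24368": 7.5,
    "CVE-2025-0968": 5.3,
    "CVE-2025-1943": 8.2,
    "CVE-2025-49013": 9.9,
}


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float        # probability of exploitation within the next 30 days
    percentile: float  # fraction of all scored CVEs with an EPSS at or below this one
    cvss: float        # severity, independent of exploitation likelihood


def parse_epss(payload: str, cvss: dict[str, float]) -> list[Finding]:
    """Parse an EPSS API response body and join it with CVSS scores."""
    doc = json.loads(payload)
    if doc.get("status") != "OK":
        raise ValueError(f"EPSS API returned an error: {doc}")
    return [
        Finding(row["cve"], float(row["epss"]), float(row["percentile"]),
                cvss.get(row["cve"], 0.0))
        for row in doc["data"]
    ]


def fetch_epss(cves: list[str], timeout: float = 10.0) -> str:
    """Live lookup (network required): the API accepts a comma-separated 'cve' parameter."""
    url = f"{EPSS_API}?cve={','.join(cves)}"
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def rank_by_epss(findings: list[Finding]) -> list[Finding]:
    return sorted(findings, key=lambda f: (f.epss, f.cvss), reverse=True)


def rank_by_cvss(findings: list[Finding]) -> list[Finding]:
    return sorted(findings, key=lambda f: (f.cvss, f.epss), reverse=True)


def expected_coverage(chosen: list[Finding], universe: list[Finding]) -> float:
    """Share of the expected number of exploited CVEs that `chosen` accounts for.

    Summing per-CVE probabilities gives the expected count when exploitation
    events are treated as independent, which is how EPSS coverage is reasoned about.
    """
    total = sum(f.epss for f in universe)
    return sum(f.epss for f in chosen) / total if total else 0.0


def patch_plan(findings: list[Finding], budget: int):
    """Top-`budget` picks under each ordering plus the coverage each achieves."""
    by_epss = rank_by_epss(findings)[:budget]
    by_cvss = rank_by_cvss(findings)[:budget]
    return (
        [f.cve for f in by_epss],
        [f.cve for f in by_cvss],
        expected_coverage(by_epss, findings),
        expected_coverage(by_cvss, findings),
    )


if __name__ == "__main__":
    findings = parse_epss(SAMPLE_RESPONSE, CVSS)
    epss_ids, cvss_ids, epss_cov, cvss_cov = patch_plan(findings, budget=2)
    print("EPSS-first:", epss_ids, f"covers {epss_cov:.1%} of expected exploitation")
    print("CVSS-first:", cvss_ids, f"covers {cvss_cov:.1%} of expected exploitation")
```

With the sample data, patching the two top EPSS entries covers about 95% of the expected exploitation while the two top CVSS entries cover about 17%, which is the point the paragraph above makes. In practice, feed `parse_epss` the body returned by `fetch_epss` for your own inventory and weight the ranking by exposure before acting on it.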