Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:
- 164 CVEs with EPSS > 50%
- 156 CISA KEV listed
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
3651 | CVE-2025-25516 | 0.33% | 55th | 9.8 |  | Seacms versions up to 13.3 contain a SQL injection vulnerability in admin_paylog.php that allows att
3652 | CVE-2025-25513 | 0.33% | 55th | 9.8 |  | Seacms versions up to 13.3 contain a SQL injection vulnerability in admin_members.php that allows at
3653 | CVE-2025-6704 | 0.33% | 55th | 9.8 |  | This vulnerability allows unauthenticated attackers to write arbitrary files to Sophos Firewall syst
3654 | CVE-2025-35050 | 0.33% | 55th | 9.8 |  | CVE-2025-35050 is a critical remote code execution vulnerability in Newforma Info Exchange (NIX) tha
3655 | CVE-2025-12496 | 0.33% | 55th | 4.9 |  | The Zephyr Project Manager WordPress plugin has a directory traversal vulnerability that allows auth
3656 | CVE-2025-63689 | 0.33% | 55th | 10.0 |  | Multiple SQL injection vulnerabilities in the ycf1998 money-pos system allow remote attackers to exe
3657 | CVE-2024-27778 | 0.32% | 54.9th | 8.8 |  | This CVE-2024-27778 is an OS command injection vulnerability in Fortinet FortiSandbox that allows au
3658 | CVE-2022-45185 | 0.32% | 54.9th | 8.8 |  | SuiteCRM 7.12.7 contains an authenticated file upload vulnerability that allows authenticated users
3659 | CVE-2025-1675 | 0.32% | 54.9th | 8.2 |  | CVE-2025-1675 is an out-of-bounds read vulnerability in the dns_copy_qname function of Zephyr RTOS's
3660 | CVE-2024-45552 | 0.32% | 55th | 8.2 |  | This vulnerability allows information disclosure during video calls when a device receives a malform
3661 | CVE-2025-3203 | 0.32% | 54.9th | 4.3 |  | This vulnerability in Tenda W18E routers allows remote attackers to trigger a stack-based buffer ove
3662 | CVE-2025-4883 | 0.32% | 55th | 7.2 |  | A critical stack-based buffer overflow vulnerability in D-Link DI-8100 routers allows remote attacke
3663 | CVE-2025-12484 | 0.32% | 55th | 7.2 |  | This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages
3664 | CVE-2026-1064 | 0.32% | 55th | 4.7 |  | This vulnerability allows remote attackers to execute arbitrary commands on Bastillion systems throu
3665 | CVE-2026-1063 | 0.32% | 55th | 4.7 |  | This CVE describes a command injection vulnerability in Bastillion's Public Key Management System th
3666 | CVE-2026-2000 | 0.32% | 55th | 4.7 |  | This vulnerability allows remote attackers to execute arbitrary commands on DCN DCME-320 devices thr
3667 | CVE-2025-69259 | 0.32% | 54.9th | 7.5 |  | A NULL pointer dereference vulnerability in Trend Micro Apex Central allows remote attackers to caus
3668 | CVE-2024-11345 | 0.32% | 54.9th | 7.3 |  | A heap-based memory vulnerability in the Postscript interpreter of Lexmark devices allows attackers
3669 | CVE-2024-11344 | 0.32% | 54.9th | 7.3 |  | A type confusion vulnerability in the Postscript interpreter of Lexmark devices allows attackers to
3670 | CVE-2024-56940 | 0.32% | 54.9th | 7.5 |  | A vulnerability in LearnDash v6.7.1 allows attackers to cause Denial of Service (DoS) by uploading e
3671 | CVE-2025-24192 | 0.32% | 54.9th | 6.5 |  | A script imports isolation vulnerability in Apple WebKit allows malicious websites to bypass securit
3672 | CVE-2025-26645 | 0.32% | 54.9th | 8.8 |  | This vulnerability allows attackers to exploit relative path traversal in Remote Desktop Client to e
3673 | CVE-2024-51319 | 0.32% | 54.9th | 7.3 |  | This vulnerability allows authenticated attackers to include local files and upload malicious JSP fi
3674 | CVE-2024-53591 | 0.32% | 54.9th | 9.8 |  | This vulnerability in Seclore v3.27.5.0 allows attackers to bypass authentication through brute forc
3675 | CVE-2025-31490 | 0.32% | 54.9th | 7.5 |  | AutoGPT versions before 0.6.1 contain a DNS rebinding vulnerability in the requests wrapper that all
3676 | CVE-2025-3268 | 0.32% | 54.9th | 5.3 |  | This vulnerability allows remote attackers to bypass authentication mechanisms in TinyWebServer by m
3677 | CVE-2025-24919 | 0.32% | 54.9th | 8.1 |  | A deserialization vulnerability in Dell ControlVault3 and ControlVault3 Plus firmware allows arbitra
3678 | CVE-2025-9428 | 0.32% | 54.9th | 8.3 |  | This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the key
3679 | CVE-2025-9064 | 0.32% | 54.9th | 9.1 |  | An unauthenticated path traversal vulnerability in FactoryTalk View Machine Edition allows attackers
3680 | CVE-2025-13659 | 0.32% | 54.8th | 8.8 |  | This vulnerability in Ivanti Endpoint Manager allows remote, unauthenticated attackers to write arbi
3681 | CVE-2025-12548 | 0.32% | 54.9th | 9.0 |  | This vulnerability in Eclipse Che che-machine-exec allows unauthenticated attackers to execute arbit
3682 | CVE-2025-59470 | 0.32% | 54.9th | 9.0 |  | This vulnerability allows authenticated Backup Operators to execute arbitrary code as the postgres u
3683 | CVE-2025-21399 | 0.32% | 54.8th | 7.4 |  | This vulnerability in Microsoft Edge (Chromium-based) allows an attacker to elevate privileges on a
3684 | CVE-2024-56300 | 0.32% | 54.7th | 7.5 |  | This vulnerability in the WPSpins Post/Page Copying Tool WordPress plugin allows attackers to retrie
3685 | CVE-2025-27135 | 0.32% | 54.8th | 9.8 |  | CVE-2025-27135 is a critical SQL injection vulnerability in RAGFlow's ExeSQL component that allows a
3686 | CVE-2025-36625 | 0.32% | 54.7th | 4.3 |  | This vulnerability allows unauthenticated attackers to manipulate Nessus logging entries by sending
3687 | CVE-2025-3034 | 0.32% | 54.8th | 8.1 |  | This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruptio
3688 | CVE-2021-4465 | 0.32% | 54.8th | N/A |  | This vulnerability allows unauthenticated remote attackers to cause denial-of-service by sending a s
3689 | CVE-2025-27404 | 0.32% | 54.7th | 7.6 |  | This is a cross-site scripting (XSS) vulnerability in Icinga Web 2 that allows attackers to craft ma
3690 | CVE-2025-3410 | 0.32% | 54.7th | 6.3 |  | This critical vulnerability in mymagicpower AIAS allows remote attackers to upload arbitrary files w
3691 | CVE-2025-53867 | 0.32% | 54.7th | 9.8 |  | This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
3692 | CVE-2024-42516 | 0.32% | 54.7th | 7.5 |  | This HTTP response splitting vulnerability in Apache HTTP Server allows attackers to manipulate Cont
3693 | CVE-2025-9048 | 0.32% | 54.7th | 8.1 |  | The Wptobe-memberships WordPress plugin contains an arbitrary file deletion vulnerability in the del
3694 | CVE-2025-10639 | 0.32% | 54.6th | 8.8 |  | CVE-2025-10639 allows attackers with network access to TCP port 12304 to use hardcoded FTP credentia
3695 | CVE-2025-10706 | 0.32% | 54.6th | 8.8 |  | The Classified Pro WordPress theme allows authenticated users with subscriber-level access or higher
3696 | CVE-2025-68271 | 0.32% | 54.7th | 10.0 |  | OpenC3 COSMOS versions 5.0.0 through 6.10.1 contain a critical remote code execution vulnerability i
3697 | CVE-2026-0404 | 0.32% | 54.6th | 8.0 |  | An insufficient input validation vulnerability in NETGEAR Orbi routers' DHCPv6 functionality allows
3698 | CVE-2025-64093 | 0.32% | 54.7th | 10.0 |  | This is a critical remote code execution vulnerability in Zenitel devices that allows unauthenticate
3699 | CVE-2024-57659 | 0.32% | 54.6th | 7.5 |  | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to cause denial of service by se
3700 | CVE-2024-57655 | 0.32% | 54.6th | 7.5 |  | This vulnerability in OpenLink Virtuoso OpenSource allows attackers to cause denial of service by se

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
