Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3751 | CVE-2025-21370 | | 54.1 | 7.8 | | This vulnerability allows an authenticated attacker to elevate privileges within Windows Virtualizat |
| 3752 | CVE-2025-1973 | | 54.2 | 4.9 | | This vulnerability in the Export and Import Users and Customers WordPress plugin allows authenticate |
| 3753 | CVE-2024-13773 | | 54.1 | 7.3 | | The Civi WordPress theme contains hard-coded LinkedIn API credentials in all versions up to 2.1.4, a |
| 3754 | CVE-2024-49200 | | 54.2 | 6.4 | | This vulnerability allows attackers to perform arbitrary writes in DXE memory by manipulating NVRAM |
| 3755 | CVE-2025-30726 | | 54.2 | 5.3 | | This vulnerability in Oracle Application Object Library allows unauthenticated attackers with networ |
| 3756 | CVE-2025-56588 | | 54.2 | 8.8 | | Dolibarr ERP & CRM version 21.0.1 contains a remote code execution vulnerability in the User module |
| 3757 | CVE-2022-50932 | | 54.1 | 7.5 | | Kyocera Command Center RX ECOSYS M2035dn has a directory traversal vulnerability that allows unauthe |
| 3758 | CVE-2026-25510 | | 54.2 | 9.9 | | This vulnerability allows authenticated users with file editor permissions in CI4MS to achieve remot |
| 3759 | CVE-2025-21262 | | 54.1 | 5.4 | | This vulnerability allows an attacker to spoof UI elements in Microsoft Edge, potentially tricking u |
| 3760 | CVE-2024-46668 | | 54.1 | 7.5 | | This CVE describes a resource exhaustion vulnerability in FortiOS where an unauthenticated remote at |
| 3761 | CVE-2024-2240 | | 54.1 | 7.2 | | The Docker daemon in Brocade SANnav management software versions before 2.3.1b runs without auditing |
| 3762 | CVE-2025-30821 | | 54.1 | 5.3 | | This CVE describes a missing authorization vulnerability in the SNORDIAN's H5PxAPIkatchu WordPress p |
| 3763 | CVE-2024-10812 | | 54.1 | 6.1 | | An open redirect vulnerability in binary-husky/gpt_academic version 3.83 allows attackers to redirec |
| 3764 | CVE-2025-0475 | | 54.1 | 8.7 | | A cross-site scripting (XSS) vulnerability in GitLab's proxy feature allows attackers to inject mali |
| 3765 | CVE-2025-32256 | | 54.1 | 5.3 | | CVE-2025-32256 is a missing authorization vulnerability in SurveyJS that allows attackers to access |
| 3766 | CVE-2025-43995 | | 54.1 | 9.8 | | CVE-2025-43995 is an authentication bypass vulnerability in Dell Storage Manager that allows unauthe |
| 3767 | CVE-2025-55698 | | 54.1 | 7.7 | | A null pointer dereference vulnerability in Windows DirectX allows authenticated attackers to cause |
| 3768 | CVE-2025-14879 | | 54.1 | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda WH450 routers by explo |
| 3769 | CVE-2025-14709 | | 54.1 | 9.8 | | A buffer overflow vulnerability in the Shiguangwu sgwbox N3 NAS device allows remote attackers to ex |
| 3770 | CVE-2025-14708 | | 54.1 | 9.8 | | A remote buffer overflow vulnerability exists in Shiguangwu sgwbox N3 devices version 2.0.25 through |
| 3771 | CVE-2025-24783 | | 54.1 | 7.5 | | This vulnerability allows attackers to guess continuation identifiers in Apache Cocoon due to insuff |
| 3772 | CVE-2025-24235 | | 54 | 5.5 | | A memory initialization vulnerability in macOS allows remote attackers to cause application crashes |
| 3773 | CVE-2025-32819 | | 54 | 8.8 | | This vulnerability allows authenticated SSLVPN users on SMA100 devices to bypass path traversal prot |
| 3774 | CVE-2025-8120 | | 54 | 9.8 | | CVE-2025-8120 is an unauthenticated remote code execution vulnerability in PAD CMS's photo upload fu |
| 3775 | CVE-2025-7063 | | 54 | 9.8 | | CVE-2025-7063 is an unauthenticated remote code execution vulnerability in PAD CMS's file upload fun |
| 3776 | CVE-2025-62392 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3777 | CVE-2025-62391 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3778 | CVE-2025-62390 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3779 | CVE-2025-62389 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3780 | CVE-2025-62388 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3781 | CVE-2025-62387 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3782 | CVE-2025-62386 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3783 | CVE-2025-62385 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3784 | CVE-2025-62384 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3785 | CVE-2025-62383 | | 54 | 6.5 | | This SQL injection vulnerability in Ivanti Endpoint Manager allows authenticated attackers to read a |
| 3786 | CVE-2025-59366 | | 54 | N/A | | An authentication bypass vulnerability in AiCloud allows attackers to execute specific functions wit |
| 3787 | CVE-2025-20341 | | 54 | 8.8 | | This vulnerability in Cisco Catalyst Center Virtual Appliance allows authenticated users with at lea |
| 3788 | CVE-2024-4027 | | 54 | 7.5 | | This vulnerability in Undertow allows remote attackers to cause denial-of-service by sending HTTP re |
| 3789 | CVE-2025-26361 | | 53.9 | 9.1 | | CVE-2025-26361 allows unauthenticated remote attackers to factory reset Q-Free MaxTime devices via c |
| 3790 | CVE-2025-24083 | | 54 | 7.8 | | CVE-2025-24083 is an untrusted pointer dereference vulnerability in Microsoft Office that allows loc |
| 3791 | CVE-2025-24082 | | 54 | 7.8 | | A use-after-free vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code |
| 3792 | CVE-2025-24081 | | 54 | 7.8 | | This vulnerability is a use-after-free memory corruption flaw in Microsoft Office Excel that allows |
| 3793 | CVE-2025-24080 | | 54 | 7.8 | | A use-after-free vulnerability in Microsoft Office allows an attacker to execute arbitrary code on a |
| 3794 | CVE-2025-24079 | | 54 | 7.8 | | A use-after-free vulnerability in Microsoft Office Word allows attackers to execute arbitrary code o |
| 3795 | CVE-2025-1945 | | 53.9 | 9.8 | | CVE-2025-1945 is a vulnerability in picklescan versions before 0.0.23 that allows attackers to bypas |
| 3796 | CVE-2025-30670 | | 54 | 6.5 | | A null pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated use |
| 3797 | CVE-2023-46988 | | 54 | 6.7 | | A path traversal vulnerability in ONLYOFFICE Document Server allows remote attackers to copy arbitra |
| 3798 | CVE-2025-46731 | | 54 | 7.2 | | This CVE describes a server-side template injection (SSTI) vulnerability in Craft CMS that could all |
| 3799 | CVE-2025-7837 | | 53.9 | 8.8 | | A critical buffer overflow vulnerability exists in the MQTT service of TOTOLINK T6 routers, specific |
| 3800 | CVE-2025-53645 | | 54 | 7.5 | | This vulnerability allows unauthenticated remote attackers to cause denial of service in Zimbra Coll |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a high CVSS 7.5 vulnerability with a 90% EPSS score.