Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3851 | CVE-2024-50384 | | 53.6th | 6.5 | | A denial of service vulnerability in STMicroelectronics X-CUBE-AZRTOS-WL NetX Component HTTP server |
| 3852 | CVE-2025-11177 | | 53.5th | 7.5 | | The External Login WordPress plugin contains an SQL injection vulnerability in the 'log' parameter t |
| 3853 | CVE-2022-50787 | | 53.6th | 7.2 | | CVE-2022-50787 is an unauthenticated stored cross-site scripting vulnerability in SOUND4 IMPACT/FIRS |
| 3854 | CVE-2025-54306 | | 53.6th | 7.2 | | This CVE describes a remote code execution vulnerability in Thermo Fisher Torrent Suite's Django app |
| 3855 | CVE-2024-12041 | | 53.5th | 5.3 | | This vulnerability allows unauthenticated attackers to access sensitive user information through the |
| 3856 | CVE-2025-28235 | | 53.5th | 7.5 | | This vulnerability allows attackers to retrieve administrator credentials in plaintext from Soundcra |
| 3857 | CVE-2025-32635 | | 53.5th | 7.5 | | The Hive Support WordPress plugin versions up to 1.2.2 contain a vulnerability that allows attackers |
| 3858 | CVE-2025-32596 | | 53.5th | 7.3 | | This CVE describes a code injection vulnerability in the Real Estate Manager WordPress plugin that a |
| 3859 | CVE-2025-26730 | | 53.5th | 7.5 | | This vulnerability exposes sensitive system information to unauthorized users in the WordPress Macro |
| 3860 | CVE-2023-53157 | | 53.5th | 5.3 | | The rosenpass crate for Rust versions before 0.2.1 contains a vulnerability where processing a speci |
| 3861 | CVE-2025-20265 | | 53.5th | 10.0 | | This critical vulnerability in Cisco Secure Firewall Management Center allows unauthenticated remote |
| 3862 | CVE-2025-13376 | | 53.5th | 7.2 | | The ProjectList WordPress plugin allows authenticated attackers with Editor-level access or higher t |
| 3863 | CVE-2025-20726 | | 53.4th | 7.5 | | This vulnerability allows remote attackers to execute arbitrary code on affected devices by exploiti |
| 3864 | CVE-2025-20725 | | 53.4th | 7.5 | | This vulnerability in the IMS service allows remote privilege escalation through an out-of-bounds wr |
| 3865 | CVE-2026-22844 | | 53.5th | 9.9 | | A command injection vulnerability in Zoom Node Multimedia Routers allows meeting participants to exe |
| 3866 | CVE-2024-57722 | | 53.4th | 7.5 | | Lunasvg v3.0.0 contains an allocation-size-too-big vulnerability in the plutovg_surface_create compo |
| 3867 | CVE-2023-47224 | | 53.4th | 7.5 | | This CVE describes a missing authorization vulnerability in the WP Travel WordPress plugin that allo |
| 3868 | CVE-2025-26347 | | 53.4th | 9.8 | | This vulnerability allows unauthenticated remote attackers to edit user permissions in Q-Free MaxTim |
| 3869 | CVE-2025-1182 | | 53.4th | 5.0 | | A critical memory corruption vulnerability in GNU Binutils' linker (ld) allows remote attackers to p |
| 3870 | CVE-2025-25185 | | 53.3th | 7.5 | | CVE-2025-25185 is a path traversal vulnerability in GPT Academic that allows attackers to read arbit |
| 3871 | CVE-2025-26687 | | 53.4th | 7.5 | | CVE-2025-26687 is a use-after-free vulnerability in Windows Win32K graphics subsystem that allows lo |
| 3872 | CVE-2025-26668 | | 53.4th | 7.5 | | A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allow |
| 3873 | CVE-2025-9517 | | 53.4th | 7.2 | | The atec Debug plugin for WordPress has a remote code execution vulnerability that allows authentica |
| 3874 | CVE-2025-59248 | | 53.4th | 7.5 | | This vulnerability in Microsoft Exchange Server allows unauthorized attackers to perform spoofing at |
| 3875 | CVE-2025-0396 | | 53.3th | 7.8 | | This critical vulnerability in exelban stats allows local attackers to execute arbitrary commands th |
| 3876 | CVE-2024-11172 | | 53.3th | 7.5 | | An unauthenticated denial-of-service vulnerability in librechat allows attackers to crash the server |
| 3877 | CVE-2025-1393 | | 53.3th | 9.8 | | This vulnerability allows unauthenticated remote attackers to gain full administrative control over |
| 3878 | CVE-2024-13373 | | 53.3th | 8.1 | | The Exertio Framework WordPress plugin has a critical authentication bypass vulnerability that allow |
| 3879 | CVE-2025-4347 | | 53.3th | 8.8 | | A critical buffer overflow vulnerability in D-Link DIR-600L routers allows remote attackers to execu |
| 3880 | CVE-2025-4345 | | 53.3th | 8.8 | | A critical buffer overflow vulnerability in D-Link DIR-600L routers allows remote attackers to execu |
| 3881 | CVE-2025-5304 | | 53.3th | 9.8 | | The PT Project Notebooks WordPress plugin versions 1.0.0 through 1.1.3 contain a privilege escalatio |
| 3882 | CVE-2025-8159 | | 53.3th | 8.8 | | This critical vulnerability in D-Link DIR-513 routers allows remote attackers to execute arbitrary c |
| 3883 | CVE-2025-47187 | | 53.3th | 7.5 | | This vulnerability allows unauthenticated attackers to upload arbitrary WAV files to affected Mitel |
| 3884 | CVE-2025-49751 | | 53.3th | 6.8 | | A missing synchronization vulnerability in Windows Hyper-V allows authenticated attackers on adjacen |
| 3885 | CVE-2025-10643 | | 53.3th | 9.1 | | This vulnerability allows remote attackers to bypass authentication in Wondershare Repairit without |
| 3886 | CVE-2025-54406 | | 53.3th | 8.8 | | This CVE describes OS command injection vulnerabilities in Planet WGR-500 routers that allow remote |
| 3887 | CVE-2025-54404 | | 53.3th | 8.8 | | This CVE describes OS command injection vulnerabilities in Planet WGR-500 routers that allow remote |
| 3888 | CVE-2025-54403 | | 53.3th | 8.8 | | This CVE describes OS command injection vulnerabilities in Planet WGR-500 routers that allow remote |
| 3889 | CVE-2023-53924 | | 53.3th | 8.8 | | This vulnerability allows authenticated attackers to upload malicious PHP files disguised as avatar |
| 3890 | CVE-2025-13094 | | 53.3th | 8.8 | | The WP3D Model Import Viewer plugin for WordPress has a vulnerability that allows authenticated atta |
| 3891 | CVE-2025-12968 | | 53.3th | 8.8 | | The Infility Global WordPress plugin allows authenticated attackers with subscriber-level access or |
| 3892 | CVE-2025-14087 | | 53.3th | 5.6 | | A buffer-underflow vulnerability in GLib's GVariant parser allows remote attackers to cause heap cor |
| 3893 | CVE-2025-46068 | | 53.3th | 8.8 | | This vulnerability allows remote attackers to execute arbitrary code on Automai Director v25.2.0 sys |
| 3894 | CVE-2026-21697 | | 53.3th | 8.1 | | A race condition vulnerability in axios4go Go HTTP client library allows concurrent requests to muta |
| 3895 | CVE-2025-70073 | | 53.3th | 7.2 | | A remote code execution vulnerability in ChestnutCMS v1.5.8 and earlier allows attackers to execute |
| 3896 | CVE-2025-0500 | | 53.3th | 7.5 | | This CVE describes a man-in-the-middle vulnerability in Amazon's remote desktop clients (WorkSpaces, |
| 3897 | CVE-2025-21296 | | 53.2th | 7.5 | | This CVE describes a use-after-free vulnerability (CWE-416) in Microsoft's BranchCache service that |
| 3898 | CVE-2025-0103 | | 53.2th | 8.8 | | An SQL injection vulnerability in Palo Alto Networks Expedition allows authenticated attackers to ex |
| 3899 | CVE-2024-9188 | | 53.2th | 8.8 | | CVE-2024-9188 is a cross-site scripting vulnerability in Arista products that allows attackers to in |
| 3900 | CVE-2025-26378 | | 53.3th | 8.8 | | A missing authorization vulnerability in Q-Free MaxTime allows authenticated low-privileged users to |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.