Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary counters:

164 CVEs with EPSS > 50%
156 CVEs listed in CISA KEV
35,468 CVEs with an EPSS score
0.7% average EPSS score
Showing ranks 3951 to 4000. EPSS is the predicted 30-day exploitation probability; Percentile is the score's rank among all EPSS-scored CVEs; summaries are cut off on the page.

Rank  CVE ID           EPSS  Percentile  CVSS  Summary (truncated on the page)
3951  CVE-2025-10847   0.3%  53.1        N/A   DX Unified Infrastructure Management (Nimsoft/UIM) has an improper ACL handling vulnerability in its
3952  CVE-2025-14659   0.3%  53.1        8.8   This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-860LB1 and DI
3953  CVE-2025-59099   0.3%  53.1        N/A   This path traversal vulnerability in CompactWebServer allows unauthenticated attackers to read arbit
3954  CVE-2024-41339   0.3%  52.9        8.8   This vulnerability allows attackers to upload malicious kernel modules through the CGI configuration
3955  CVE-2025-27105   0.3%  53.0        9.1   This vulnerability in Vyper smart contract language allows out-of-bounds array access when using aug
3956  CVE-2024-50954   0.3%  52.9        7.5   A vulnerability in XINJE XL5E-16T and XD5E-24R-E programmable logic controllers allows attackers to
3957  CVE-2024-12712   0.3%  52.9        5.3   This vulnerability allows unauthenticated attackers to modify order statuses in WordPress sites usin
3958  CVE-2025-24499   0.3%  52.9        7.2   This vulnerability in Siemens SCALANCE industrial wireless devices allows authenticated remote attac
3959  CVE-2025-39565   0.3%  52.9        6.6   A PHP object injection vulnerability in Melapress Login Security WordPress plugin allows attackers t
3960  CVE-2024-41794   0.3%  52.9        10.0  SENTRON 7KT PAC1260 Data Manager devices contain hardcoded root credentials that allow unauthenticat
3961  CVE-2024-47261   0.3%  52.9        4.3   This vulnerability allows attackers to upload files via the VAPIX API uploadoverlayimage.cgi endpoin
3962  CVE-2025-41407   0.3%  52.9        8.3   This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary
3963  CVE-2025-20234   0.3%  52.9        5.3   A memory overread vulnerability in ClamAV's Universal Disk Format (UDF) processing allows unauthenti
3964  CVE-2025-5629    0.3%  52.9        8.8   A critical buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute ar
3965  CVE-2025-34520   0.3%  52.9        9.8   An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows unauthentica
3966  CVE-2025-11073   0.3%  52.9        4.7   This vulnerability allows remote attackers to execute arbitrary commands on Keyfactor RG-EW5100BE de
3967  CVE-2025-12486   0.3%  52.9        8.8   This is a cross-site scripting (XSS) vulnerability in Heimdall Data Database Proxy that allows remot
3968  CVE-2022-50595   0.3%  52.9        7.2   This vulnerability allows remote attackers to bypass authentication and execute SQL injection via th
3969  CVE-2022-50592   0.3%  52.9        7.2   This vulnerability allows remote attackers to bypass authentication and execute SQL injection agains
3970  CVE-2023-54335   0.3%  52.9        9.8   eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login with
3971  CVE-2025-14891   0.3%  52.8        6.4   This stored XSS vulnerability in the Customer Reviews for WooCommerce WordPress plugin allows attack
3972  CVE-2025-0574    0.3%  52.8        7.5   CVE-2025-0574 is a memory corruption vulnerability in Sante PACS Server's URL parsing that allows un
3973  CVE-2024-54507   0.3%  52.8        5.5   A type confusion vulnerability in Apple operating systems allows attackers with user privileges to r
3974  CVE-2024-56921   0.3%  52.8        7.5   This vulnerability in Open5gs AMF allows remote attackers to cause a denial of service by sending sp
3975  CVE-2025-25612   0.3%  52.8        7.1   This vulnerability allows attackers to inject malicious JavaScript into the 'Time Range Name' field
3976  CVE-2025-24078   0.3%  52.8        7.0   A use-after-free vulnerability in Microsoft Office Word allows attackers to execute arbitrary code o
3977  CVE-2025-27615   0.3%  52.8        8.2   The umatiGateway software exposes its web interface publicly by default in Docker deployments, allow
3978  CVE-2025-30692   0.3%  52.8        6.5   This vulnerability in Oracle iSupplier Portal allows authenticated attackers with low privileges to
3979  CVE-2025-5160    0.3%  52.8        4.3   A path traversal vulnerability in H3C SecCenter SMP-E1114P02 allows attackers to access arbitrary fi
3980  CVE-2025-6104    0.3%  52.8        8.8   This critical vulnerability allows remote attackers to execute arbitrary operating system commands o
3981  CVE-2025-24028   0.3%  52.8        7.8   This is a cross-site scripting (XSS) vulnerability in Joplin's Rich Text Editor caused by difference
3982  CVE-2025-2973    0.3%  52.7        6.3   This critical vulnerability in College Management System 1.0 allows remote attackers to upload malic
3983  CVE-2025-26733   0.3%  52.7        8.2   This CVE describes a Missing Authorization vulnerability in the Shinetheme Traveler WordPress theme
3984  CVE-2025-39554   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the RelyWP AI Text to Speech WordPress p
3985  CVE-2025-24581   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the Themefic Instantio WordPress plugin
3986  CVE-2025-23958   0.3%  52.7        6.5   This CVE describes a missing authorization vulnerability in the FADI MED Editor Wysiwyg Background C
3987  CVE-2025-23773   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the WordPress 'Delete All Posts' plugin
3988  CVE-2025-32243   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the WordPress Internal Link Optimiser pl
3989  CVE-2025-32240   0.3%  52.7        6.5   This CVE describes a missing authorization vulnerability in the WordPress Site Notify plugin that al
3990  CVE-2025-3430    0.3%  52.8        4.9   The 3DPrint Lite WordPress plugin contains an SQL injection vulnerability in the 'printer_text' para
3991  CVE-2025-3428    0.3%  52.8        4.9   The 3DPrint Lite WordPress plugin contains an SQL injection vulnerability in the 'coating_text' para
3992  CVE-2025-31381   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the Shiptrack Booking Calendar and Notif
3993  CVE-2025-22285   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in Eniture Technology's Pallet Packaging fo
3994  CVE-2025-31858   0.3%  52.7        6.5   CVE-2025-31858 is a missing authorization vulnerability in the Local Magic WordPress plugin that all
3995  CVE-2025-31768   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the OTWthemes Widget Manager Light WordP
3996  CVE-2025-31736   0.3%  52.7        6.5   CVE-2025-31736 is a missing authorization vulnerability in the richtexteditor WordPress plugin that
3997  CVE-2025-30916   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the Residential Address Detection WordPr
3998  CVE-2024-12410   0.3%  52.8        4.9   This SQL injection vulnerability in the Front End Users WordPress plugin allows unauthenticated atta
3999  CVE-2025-31780   0.3%  52.7        6.5   This CVE describes a Missing Authorization vulnerability in the WordPress Append Content plugin that
4000  CVE-2025-47492   0.3%  52.7        8.6   This path traversal vulnerability in the Drag and Drop File Upload for Elementor Forms WordPress plu

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. The score is a probability between 0 and 1 (shown on this page as a percentage), and the percentile is that score's rank among all EPSS-scored CVEs: a 0.3% score at the 53rd percentile means roughly half of all scored CVEs have a lower estimated probability, even though 0.3% is a small absolute number. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. Two caveats apply: EPSS scores are recomputed daily and move as new exploitation evidence arrives, so a ranking should be refreshed rather than cached; and a CISA KEV listing records confirmed exploitation rather than a prediction, so KEV entries belong at the top of the queue regardless of their EPSS score.
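The ordering the paragraph above argues for, as an added example in Python (not code from this page or from FIRST.org): KEV entries first, then EPSS probability, with CVSS only as a tiebreak, alongside the CVSS-only ordering it replaces and the dashboard's headline counters. The SAMPLE records are constructed: the three real CVE IDs carry the CVSS and EPSS values shown in the table above, the CVE-0000-* IDs are placeholders for the "9.8 at 0.1%" versus "7.5 at 90%" comparison in the text, and every KEV flag is an assumption made for the demonstration, not a statement about any listed CVE.

```python
"""Rank CVEs by exploit likelihood (EPSS) rather than by CVSS alone.

Added example, not code from the page or from FIRST.org. The records in
SAMPLE are constructed: the CVSS/EPSS pairs for the three real CVE IDs are
copied from the table on this page, the CVE-0000-* IDs are placeholders
standing in for the "CVSS 9.8 at 0.1% EPSS" and "CVSS 7.5 at 90% EPSS"
comparison in the text, and every KEV flag is an assumption made for the
demonstration, not a statement about any listed CVE.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Vuln:
    cve: str
    cvss: Optional[float]   # None where the page shows N/A (no CVSS yet)
    epss: float             # EPSS probability in [0, 1]; 0.003 is the page's "0.3%"
    kev: bool = False       # present in CISA's Known Exploited Vulnerabilities catalog


def exploit_risk_key(v: Vuln) -> Tuple[bool, float, float]:
    """Sort key for exploit-driven prioritisation.

    KEV entries first (confirmed exploitation outranks any prediction),
    then EPSS probability descending, then CVSS descending as a tiebreak
    so equal-EPSS rows (like the 0.3% band on this page) still order by
    impact. sorted() is ascending, so the terms are negated.
    """
    return (not v.kev, -v.epss, -(v.cvss if v.cvss is not None else 0.0))


def prioritise(vulns: List[Vuln]) -> List[str]:
    """CVE IDs in patch order under the EPSS-first policy."""
    return [v.cve for v in sorted(vulns, key=exploit_risk_key)]


def cvss_only_order(vulns: List[Vuln]) -> List[str]:
    """The severity-only ordering the text argues against, for comparison."""
    return [v.cve for v in sorted(
        vulns, key=lambda v: (-(v.cvss if v.cvss is not None else 0.0), -v.epss))]


def summary_stats(vulns: List[Vuln]) -> Dict[str, float]:
    """Reproduce the dashboard's headline counters over a record set."""
    n = len(vulns)
    return {
        "epss_over_50": sum(1 for v in vulns if v.epss > 0.5),
        "kev_listed": sum(1 for v in vulns if v.kev),
        "with_epss": n,
        "avg_epss": (sum(v.epss for v in vulns) / n) if n else 0.0,
    }


SAMPLE: List[Vuln] = [
    # From the table above (0.3% EPSS band).
    Vuln("CVE-2024-41794", 10.0, 0.003),
    Vuln("CVE-2025-34520", 9.8, 0.003),
    Vuln("CVE-2025-10847", None, 0.003),
    # Placeholders for the text's comparison; IDs and the KEV flag are made up.
    Vuln("CVE-0000-0001", 9.8, 0.001),           # critical but rarely exploited
    Vuln("CVE-0000-0002", 7.5, 0.90),            # high, very likely exploited
    Vuln("CVE-0000-0003", 6.5, 0.30, kev=True),  # confirmed exploited (KEV)
]


if __name__ == "__main__":
    print("EPSS-first:", prioritise(SAMPLE))
    print("CVSS-only: ", cvss_only_order(SAMPLE))
    print("stats:     ", summary_stats(SAMPLE))
```

Under the CVSS-only policy the CVSS 10.0 hardcoded-credential entry and the two 9.8s are patched before the 90% EPSS record; under the EPSS-first policy the KEV entry and the 90% record move to the front, and the 0.3% band keeps its CVSS ordering as a tiebreak. Treat a missing CVSS as 0 only for tiebreaking, as here; do not let it push an item off the list.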

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
