Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 3951 | CVE-2025-54500 | 0.08% | 24.2th | 5.3 | | This CVE describes an HTTP/2 implementation flaw that allows attackers to send malformed HTTP/2 cont |
| 3952 | CVE-2022-50941 | 0.08% | 24.3th | 6.4 | | BootCommerce 3.2.1 contains persistent cross-site scripting (XSS) vulnerabilities in guest order che |
| 3953 | CVE-2022-50940 | 0.08% | 24.3th | 6.4 | | Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting (XSS) vulnerability in the |
| 3954 | CVE-2022-50797 | 0.08% | 24.3th | 6.4 | | The Stripe Green Downloads WordPress plugin version 2.03 contains a persistent cross-site scripting |
| 3955 | CVE-2025-0439 | 0.08% | 24.1th | 6.5 | | This vulnerability in Google Chrome allows attackers to perform UI spoofing by tricking users into s |
| 3956 | CVE-2025-27294 | 0.08% | 24.1th | 4.8 | | A missing authorization vulnerability in the WP-Asambleas WordPress plugin allows attackers to explo |
| 3957 | CVE-2024-55159 | 0.08% | 24.1th | 4.2 | | GFast versions 2.0 through 3.2 contain a SQL injection vulnerability in the login log listing endpoi |
| 3958 | CVE-2026-1754 | 0.08% | 24th | 6.1 | | The personal-authors-category WordPress plugin contains a reflected cross-site scripting (XSS) vulne |
| 3959 | CVE-2025-22701 | 0.08% | 24.1th | 5.4 | | This Server-Side Request Forgery (SSRF) vulnerability in the Traveler Layout Essential For Elementor |
| 3960 | CVE-2025-2831 | 0.08% | 23.9th | 6.3 | | This critical SQL injection vulnerability in the mingyuefusu library management system allows remote |
| 3961 | CVE-2024-13731 | 0.08% | 23.9th | 6.4 | | This vulnerability allows authenticated WordPress users with contributor-level access or higher to i |
| 3962 | CVE-2025-27612 | 0.08% | 24th | 5.9 | | This vulnerability in libcontainer allows tenant containers to inherit capabilities from the main co |
| 3963 | CVE-2024-22340 | 0.08% | 23.9th | 6.5 | | This vulnerability in IBM Common Cryptographic Architecture allows remote attackers to perform timin |
| 3964 | CVE-2025-3643 | 0.08% | 23.9th | 5.4 | | A reflected cross-site scripting (XSS) vulnerability exists in Moodle's policy tool where insufficie |
| 3965 | CVE-2025-47748 | 0.08% | 24th | 5.3 | | Netwrix Directory Manager versions 11.0.0.0 and earlier, plus versions after 11.1.25134.03, contain |
| 3966 | CVE-2024-1663 | 0.08% | 24.1th | 4.8 | | This vulnerability in the Ultimate Noindex Nofollow Tool II WordPress plugin allows administrators t |
| 3967 | CVE-2023-5932 | 0.08% | 24.1th | 4.8 | | This vulnerability allows attackers to inject malicious scripts via unsanitized parameters in the Tr |
| 3968 | CVE-2025-24785 | 0.08% | 24.1th | 4.3 | | This vulnerability in iTop 3.2.0 allows attackers to send specially crafted URLs that trigger PHP er |
| 3969 | CVE-2025-40598 | 0.08% | 24th | 6.1 | | A reflected cross-site scripting (XSS) vulnerability in the SMA100 series web interface allows remot |
| 3970 | CVE-2025-7060 | 0.08% | 24th | 4.1 | | Monitorr versions up to 1.7.6m contain an improper input validation vulnerability in the installer c |
| 3971 | CVE-2025-8729 | 0.08% | 23.9th | 6.3 | | This is a critical path traversal vulnerability in MigoXLab LMeterX 1.2.0 that allows attackers to a |
| 3972 | CVE-2024-55401 | 0.08% | 23.9th | 6.5 | | This directory traversal vulnerability in 4C Strategies Exonaut allows attackers to access files out |
| 3973 | CVE-2025-46152 | 0.08% | 24.1th | 5.3 | | A vulnerability in PyTorch's bitwise_right_shift function produces incorrect output when given out-o |
| 3974 | CVE-2024-4598 | 0.08% | 23.9th | 6.5 | | This CVE describes an information disclosure vulnerability in WSO2 products where authenticated user |
| 3975 | CVE-2025-12284 | 0.08% | 24th | 6.1 | | This vulnerability in BLU-IC2 and BLU-IC4 web interfaces allows attackers to submit malicious input |
| 3976 | CVE-2025-12001 | 0.08% | 24th | 6.1 | | This vulnerability allows attackers to inject malicious scripts into application manifests, which co |
| 3977 | CVE-2025-11470 | 0.08% | 24th | 4.7 | | This vulnerability allows attackers to upload arbitrary files to the Hotel and Lodge Management Syst |
| 3978 | CVE-2025-64169 | 0.08% | 23.9th | 4.9 | | This vulnerability allows a compromised Wazuh agent to crash the analysisd service on the Wazuh mana |
| 3979 | CVE-2025-12969 | 0.08% | 24th | 6.5 | | This vulnerability allows remote attackers to bypass authentication in Fluent Bit's in_forward input |
| 3980 | CVE-2025-13574 | 0.08% | 24.1th | 4.7 | | This vulnerability allows remote attackers to upload arbitrary files to the Online Bidding System 1. |
| 3981 | CVE-2025-67653 | 0.08% | 23.9th | 4.3 | | Advantech WebAccess/SCADA is vulnerable to directory traversal (CWE-22), allowing attackers to check |
| 3982 | CVE-2025-12689 | 0.08% | 24th | 6.5 | | This vulnerability allows attackers to crash the Calls plugin in Mattermost by sending malformed Web |
| 3983 | CVE-2025-15529 | 0.08% | 24th | 5.3 | | A denial-of-service vulnerability exists in Open5GS's SGWC component where remote attackers can mani |
| 3984 | CVE-2025-15528 | 0.08% | 24th | 5.3 | | A denial-of-service vulnerability exists in Open5GS's GTPv2 Bearer Response Handler component. Attac |
| 3985 | CVE-2026-22912 | 0.08% | 24th | 4.3 | | This vulnerability allows attackers to redirect authenticated users to malicious websites through im |
| 3986 | CVE-2026-24766 | 0.08% | 24th | 4.9 | | An authenticated user with org-level-creator permissions in NocoDB can exploit prototype pollution i |
| 3987 | CVE-2025-22919 | 0.08% | 23.8th | 6.5 | | This CVE describes a reachable assertion vulnerability in FFmpeg that allows attackers to cause a De |
| 3988 | CVE-2024-55604 | 0.08% | 23.7th | 4.3 | | Appsmith versions before 1.51 allow users with 'App Viewer' permissions to list datasources in works |
| 3989 | CVE-2024-10723 | 0.08% | 23.9th | 5.4 | | A stored cross-site scripting (XSS) vulnerability in phpipam/phpipam version 1.5.2 allows attackers |
| 3990 | CVE-2024-10721 | 0.08% | 23.9th | 5.4 | | A stored cross-site scripting (XSS) vulnerability in phpipam/phpipam version 1.5.2 allows attackers |
| 3991 | CVE-2025-2393 | 0.08% | 23.9th | 4.7 | | This critical vulnerability in code-projects Online Class and Exam Scheduling System 1.0 allows remo |
| 3992 | CVE-2024-54469 | 0.08% | 23.8th | 5.5 | | This CVE describes an information disclosure vulnerability in Apple operating systems where a local |
| 3993 | CVE-2023-43052 | 0.08% | 23.7th | 5.3 | | IBM Control Center versions 6.2.1 through 6.3.1 are vulnerable to server-side request forgery (SSRF) |
| 3994 | CVE-2025-24348 | 0.08% | 23.7th | 5.4 | | A vulnerability in ctrlX OS allows authenticated low-privileged attackers to manipulate wireless net |
| 3995 | CVE-2025-3975 | 0.08% | 23.8th | 5.3 | | This vulnerability in ScriptAndTools eCommerce-website-in-PHP 3.0 allows remote attackers to access |
| 3996 | CVE-2025-32979 | 0.08% | 23.9th | 6.5 | | This vulnerability in NETSCOUT nGeniusONE allows authenticated users to create arbitrary files on th |
| 3997 | CVE-2025-22106 | 0.08% | 23.7th | 5.5 | | This vulnerability in the Linux kernel's vmxnet3 driver causes a kernel warning when the driver rese |
| 3998 | CVE-2025-22103 | 0.08% | 23.7th | 5.5 | | A race condition in the Linux kernel's networking subsystem causes a NULL pointer dereference when d |
| 3999 | CVE-2025-22093 | 0.08% | 23.8th | 5.5 | | A NULL pointer dereference vulnerability in the Linux kernel's AMD display driver allows local attac |
| 4000 | CVE-2025-22049 | 0.08% | 23.8th | 5.5 | | This CVE addresses a DMA (Direct Memory Access) alignment vulnerability in the Linux kernel for Loon |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
