Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
4001 | CVE-2025-4432 | 0.3% | 52.7th | 5.3 | | A vulnerability in Rust's Ring cryptography library allows attackers to trigger a panic (crash) by s
4002 | CVE-2025-10896 | 0.3% | 52.7th | 8.8 | | This vulnerability allows authenticated WordPress users with subscriber-level access or higher to in
4003 | CVE-2026-23735 | 0.3% | 52.8th | N/A | | This vulnerability in GraphQL Modules allows parallel requests to mix up execution contexts when usi
4004 | CVE-2025-1285 | 0.3% | 52.7th | 5.3 | | This vulnerability in the Resido WordPress theme allows unauthenticated attackers to delete or save
4005 | CVE-2025-30701 | 0.3% | 52.7th | 7.3 | | This vulnerability in Oracle Database's RAS Security component allows authenticated attackers with n
4006 | CVE-2025-47966 | 0.3% | 52.6th | 9.8 | | This vulnerability in Microsoft Power Automate allows unauthorized attackers to access sensitive inf
4007 | CVE-2025-40746 | 0.3% | 52.6th | 9.1 | | This vulnerability in SIMATIC RTLS Locating Manager allows authenticated remote attackers with high
4008 | CVE-2025-48983 | 0.3% | 52.6th | 9.9 | | This critical vulnerability in Veeam Backup & Replication's Mount service allows authenticated domai
4009 | CVE-2025-69262 | 0.3% | 52.7th | 7.5 | | This CVE describes a command injection vulnerability in pnpm package manager versions 6.25.0 through
4010 | CVE-2025-26344 | 0.3% | 52.5th | 9.8 | | This vulnerability allows unauthenticated remote attackers to enable passwordless guest mode in Q-Fr
4011 | CVE-2025-26341 | 0.3% | 52.5th | 9.8 | | This vulnerability allows unauthenticated remote attackers to reset arbitrary user passwords in Q-Fr
4012 | CVE-2025-26339 | 0.3% | 52.5th | 9.8 | | This vulnerability allows unauthenticated remote attackers to send crafted HTTP requests to Q-Free M
4013 | CVE-2025-23093 | 0.3% | 52.5th | 8.8 | | This vulnerability allows authenticated attackers on Mitel OpenScape 4000 and OpenScape 4000 Manager
4014 | CVE-2024-12375 | 0.3% | 52.5th | 6.5 | | A local file inclusion vulnerability in automatic1111/stable-diffusion-webui allows attackers to rea
4015 | CVE-2025-27667 | 0.3% | 52.5th | 9.8 | | This vulnerability allows attackers to enumerate administrative user email addresses in Vasion Print
4016 | CVE-2025-27665 | 0.3% | 52.5th | 9.8 | | This vulnerability in Vasion Print (formerly PrinterLogic) allows insufficient antivirus protection
4017 | CVE-2025-3523 | 0.3% | 52.5th | 6.4 | | This vulnerability in Thunderbird email client causes misleading hover text when emails contain mult
4018 | CVE-2024-50562 | 0.3% | 52.5th | 4.8 | | This vulnerability allows attackers who have obtained SSL-VPN session cookies to reuse them even aft
4019 | CVE-2025-54424 | 0.3% | 52.5th | 8.1 | | CVE-2025-54424 is a certificate validation bypass vulnerability in 1Panel web interface that allows
4020 | CVE-2025-57439 | 0.3% | 52.5th | 8.8 | | CVE-2025-57439 is a critical remote code execution vulnerability in Creacast Creabox Manager 4.4.4 w
4021 | CVE-2025-61622 | 0.3% | 52.5th | 9.8 | | This vulnerability allows arbitrary code execution through deserialization of untrusted data in pyfo
4022 | CVE-2026-2175 | 0.3% | 52.5th | 7.2 | | This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers that allows remo
4023 | CVE-2026-2157 | 0.3% | 52.5th | 7.2 | | This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers ca
4024 | CVE-2025-40602 | 0.3% | 52.4th | 6.6 | KEV | This CVE describes a local privilege escalation vulnerability in SonicWall SMA1000 appliances where
4025 | CVE-2026-2143 | 0.3% | 52.5th | 7.2 | | This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers ca
4026 | CVE-2026-2142 | 0.3% | 52.5th | 7.2 | | This CVE describes a remote OS command injection vulnerability in D-Link DIR-823X routers. Attackers
4027 | CVE-2026-2129 | 0.3% | 52.5th | 7.2 | | This CVE describes an OS command injection vulnerability in D-Link DIR-823X routers that allows remo
4028 | CVE-2026-2120 | 0.3% | 52.5th | 7.2 | | This CVE describes a remote command injection vulnerability in D-Link DIR-823X routers. Attackers ca
4029 | CVE-2024-57436 | 0.3% | 52.4th | 7.2 | | CVE-2024-57436 is a session ID exposure vulnerability in RuoYi v4.8.0 that allows unauthorized attac
4030 | CVE-2024-13117 | 0.3% | 52.4th | 6.5 | | The Social Share Buttons for WordPress plugin through version 2.7 contains an unauthenticated file u
4031 | CVE-2024-53379 | 0.3% | 52.4th | 7.5 | | A heap buffer overflow vulnerability in SharkSSL's server-side handshake implementation allows remot
4032 | CVE-2025-32367 | 0.3% | 52.4th | 8.6 | | The Oz Forensics face recognition application before version 4.0.8 (late 2023) contains an Insecure
4033 | CVE-2025-20139 | 0.3% | 52.4th | 7.5 | | An unauthenticated remote attacker can send specially crafted chat messages to Cisco Enterprise Chat
4034 | CVE-2025-5906 | 0.3% | 52.4th | 7.3 | | CVE-2025-5906 is a critical authentication bypass vulnerability in code-projects Laundry System 1.0
4035 | CVE-2025-5789 | 0.3% | 52.4th | 8.8 | | This critical vulnerability in TOTOLINK X15 routers allows remote attackers to execute arbitrary cod
4036 | CVE-2025-5738 | 0.3% | 52.4th | 8.8 | | A critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execute
4037 | CVE-2025-5736 | 0.3% | 52.4th | 8.8 | | A critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execute
4038 | CVE-2025-5734 | 0.3% | 52.4th | 8.8 | | A critical buffer overflow vulnerability in TOTOLINK X15 routers allows remote attackers to execute
4039 | CVE-2025-5512 | 0.3% | 52.4th | 7.3 | | This critical vulnerability in shiyi-blog allows attackers to bypass authentication in the administr
4040 | CVE-2025-11141 | 0.3% | 52.4th | 4.7 | | This CVE describes an OS command injection vulnerability in Ruijie NBR2100G-E routers. Attackers can
4041 | CVE-2025-10060 | 0.3% | 52.4th | 6.5 | | MongoDB Server may allow upsert operations retried within a transaction to violate unique index cons
4042 | CVE-2025-64496 | 0.3% | 52.4th | 7.3 | | Open WebUI versions 0.6.224 and earlier contain a code injection vulnerability in the Direct Connect
4043 | CVE-2024-57052 | 0.29% | 52.3th | 9.8 | | A session fixation vulnerability in YoudianCMS v9.5.20 and earlier allows remote attackers to escala
4044 | CVE-2025-22385 | 0.29% | 52.3th | 5.9 | | Optimizely Configured Commerce versions before 5.2.2408 allow mass account creation without email co
4045 | CVE-2025-26508 | 0.29% | 52.3th | 9.8 | | This vulnerability allows attackers to execute arbitrary code and gain elevated privileges on affect
4046 | CVE-2025-22961 | 0.29% | 52.3th | 8.0 | | Unauthenticated attackers can access sensitive database backup files containing user credentials thr
4047 | CVE-2025-28197 | 0.29% | 52.3th | 9.1 | | Crawl4AI versions up to 0.4.247 contain a Server-Side Request Forgery (SSRF) vulnerability in the as
4048 | CVE-2025-3192 | 0.29% | 52.3th | 8.2 | | This SSRF vulnerability in spatie/browsershot allows attackers to make the server request internal n
4049 | CVE-2025-6776 | 0.29% | 52.3th | 7.3 | | This critical vulnerability in xiaoyunjie openvpn-cms-flask allows remote attackers to perform path
4050 | CVE-2025-56815 | 0.29% | 52.3th | 7.1 | | CVE-2025-56815 is a directory traversal vulnerability in Datart 1.0.0-rc.3 that allows attackers to

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
