Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV listed: 156
CVEs with EPSS: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
4201 | CVE-2025-11491 | 0.28% | 51.1 | 6.3 | - | This CVE describes an OS command injection vulnerability in DesktopCommanderMCP versions up to 0.2.1
4202 | CVE-2025-9315 | 0.28% | 51.1 | N/A | - | An unauthenticated device registration vulnerability in MXsecurity Series allows remote attackers to
4203 | CVE-2025-62575 | 0.28% | 51.2 | 8.3 | - | This vulnerability in NMIS/BioDose V22.02 and earlier allows attackers with database access to execu
4204 | CVE-2024-45479 | 0.28% | 51 | 9.1 | - | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the Edit Service Page of Ap
4205 | CVE-2025-21564 | 0.28% | 51.1 | 8.1 | - | This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges
4206 | CVE-2025-0318 | 0.28% | 51.1 | 5.3 | - | The Ultimate Member WordPress plugin versions up to 2.9.1 leak sensitive user metadata through error
4207 | CVE-2024-56136 | 0.28% | 51.1 | 5.3 | - | CVE-2024-56136 is an information disclosure vulnerability in Zulip Server that allows unauthenticate
4208 | CVE-2025-1063 | 0.28% | 51.1 | 5.3 | - | The Classified Listing WordPress plugin has an information disclosure vulnerability that allows unau
4209 | CVE-2024-11153 | 0.28% | 51.1 | 5.3 | - | The Content Control WordPress plugin up to version 2.5.0 allows unauthenticated attackers to access
4210 | CVE-2025-4496 | 0.28% | 51 | 8.8 | - | A critical buffer overflow vulnerability in TOTOLINK routers allows remote attackers to execute arbi
4211 | CVE-2025-27917 | 0.28% | 51 | 7.5 | - | This vulnerability allows remote attackers to cause a denial of service in AnyDesk clients through i
4212 | CVE-2025-65824 | 0.28% | 51.1 | 8.8 | - | An unauthenticated attacker within Bluetooth range can perform unauthorized firmware upgrades on Mea
4213 | CVE-2025-11002 | 0.28% | 51.1 | 7.8 | - | A directory traversal vulnerability in 7-Zip's ZIP file parsing allows remote attackers to execute a
4214 | CVE-2025-23108 | 0.28% | 50.9 | 4.3 | - | This vulnerability in Firefox for iOS allows malicious JavaScript links opened via long-press to spo
4215 | CVE-2025-1673 | 0.28% | 51 | 8.2 | - | CVE-2025-1673 is an out-of-bounds read vulnerability in Zephyr RTOS DNS handling that allows a malic
4216 | CVE-2023-51302 | 0.28% | 51 | 8.8 | - | PHPJabbers Hotel Booking System v4.0 has a CSV injection vulnerability that allows attackers to exec
4217 | CVE-2024-57427 | 0.28% | 51 | 6.1 | - | PHPJabbers Cinema Booking System v2.0 contains reflected cross-site scripting vulnerabilities where
4218 | CVE-2024-13697 | 0.28% | 50.9 | 4.8 | - | This vulnerability allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) at
4219 | CVE-2025-48204 | 0.28% | 50.9 | 6.8 | - | This vulnerability in the ns_backup TYPO3 extension allows attackers to execute arbitrary commands o
4220 | CVE-2025-47172 | 0.28% | 50.9 | 8.8 | - | This SQL injection vulnerability in Microsoft Office SharePoint allows authenticated attackers to ex
4221 | CVE-2025-60333 | 0.28% | 50.9 | 7.5 | - | This vulnerability is a stack overflow in the wepkey2 parameter of the setWiFiMultipleConfig functio
4222 | CVE-2025-37146 | 0.28% | 50.9 | 7.2 | - | This vulnerability allows authenticated remote attackers to execute arbitrary commands on network ac
4223 | CVE-2025-13595 | 0.28% | 50.9 | 9.8 | - | The CIBELES AI WordPress plugin has an unauthenticated arbitrary file upload vulnerability that allo
4224 | CVE-2025-55796 | 0.28% | 50.9 | 7.5 | - | This vulnerability allows remote attackers to brute-force predictable MD5 tokens used for critical u
4225 | CVE-2025-63401 | 0.28% | 51 | 5.5 | - | A Cross-Site Scripting (XSS) vulnerability in HCLTech DRAGON allows remote attackers to inject malic
4226 | CVE-2025-15240 | 0.28% | 51 | 8.8 | - | CVE-2025-15240 is an arbitrary file upload vulnerability in QOCA aim AI Medical Cloud Platform that
4227 | CVE-2024-57376 | 0.28% | 50.9 | 8.8 | - | This CVE describes a buffer overflow vulnerability in multiple D-Link DSR series routers that allows
4228 | CVE-2025-21521 | 0.28% | 50.9 | 7.5 | - | This vulnerability in MySQL Server's thread pooling component allows unauthenticated attackers with
4229 | CVE-2025-20051 | 0.28% | 50.9 | 9.9 | - | This vulnerability in Mattermost Boards allows authenticated users to read arbitrary files on the se
4230 | CVE-2025-1483 | 0.28% | 50.8 | 5.3 | - | The LTL Freight Quotes – GlobalTranz Edition WordPress plugin has an authentication bypass vulnera
4231 | CVE-2025-25196 | 0.28% | 50.9 | 9.8 | - | OpenFGA versions before 1.8.5 contain an authorization bypass vulnerability that allows unauthorized
4232 | CVE-2024-13821 | 0.28% | 50.8 | 5.3 | - | The WP Booking Calendar plugin for WordPress has a vulnerability that allows unauthenticated attacke
4233 | CVE-2024-13554 | 0.28% | 50.8 | 5.3 | - | The WP Extended WordPress plugin has an authorization bypass vulnerability that allows unauthenticat
4234 | CVE-2025-31673 | 0.28% | 50.8 | 4.6 | - | This CVE describes an incorrect authorization vulnerability in Drupal core that allows forceful brow
4235 | CVE-2025-1507 | 0.28% | 50.8 | 5.3 | - | This vulnerability in the ShareThis Dashboard for Google Analytics WordPress plugin allows unauthent
4236 | CVE-2025-26916 | 0.28% | 50.9 | 9.0 | - | This vulnerability allows unauthenticated attackers to include arbitrary local files in PHP applicat
4237 | CVE-2025-27647 | 0.28% | 50.8 | 9.8 | - | This critical vulnerability in Vasion Print (formerly PrinterLogic) allows unauthenticated attackers
4238 | CVE-2025-32470 | 0.28% | 50.9 | 7.5 | - | This vulnerability allows remote unauthenticated attackers to change the IP address of affected SICK
4239 | CVE-2025-47268 | 0.28% | 50.9 | 6.5 | - | A signed 64-bit integer overflow vulnerability in iputils ping allows denial of service through craf
4240 | CVE-2025-34033 | 0.28% | 50.9 | 8.8 | - | This CVE describes an OS command injection vulnerability in Blue Angel Software Suite's web interfac
4241 | CVE-2025-5514 | 0.28% | 50.9 | 5.3 | - | A remote unauthenticated attacker can send specially crafted HTTP requests to exploit an improper le
4242 | CVE-2025-8141 | 0.28% | 50.9 | 8.8 | - | The Redirection for Contact Form 7 WordPress plugin has an arbitrary file deletion vulnerability tha
4243 | CVE-2025-50157 | 0.28% | 50.9 | 5.7 | - | This vulnerability in Windows Routing and Remote Access Service (RRAS) involves uninitialized resour
4244 | CVE-2025-59921 | 0.28% | 50.9 | 6.5 | - | An authenticated attacker can access sensitive information on vulnerable FortiADC devices by sending
4245 | CVE-2024-54478 | 0.28% | 50.8 | 6.5 | - | This CVE describes an out-of-bounds memory access vulnerability in Apple's web content processing co
4246 | CVE-2025-26873 | 0.28% | 50.7 | 9.0 | - | This vulnerability allows remote attackers to execute arbitrary code via PHP object injection in the
4247 | CVE-2025-30221 | 0.28% | 50.8 | 4.3 | - | Pitchfork versions before 0.11.0 are vulnerable to HTTP Response Header Injection when used with Rac
4248 | CVE-2025-29485 | 0.28% | 50.7 | 6.5 | - | CVE-2025-29485 is a memory corruption vulnerability in libming v0.4.8 that causes a segmentation fau
4249 | CVE-2024-57835 | 0.28% | 50.7 | 5.5 | - | This vulnerability affects Amon2::Auth::Site::LINE authentication modules that use String::Random fo
4250 | CVE-2024-13914 | 0.28% | 50.8 | 7.2 | - | This vulnerability allows authenticated WordPress administrators to perform Local File Inclusion att

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.
