Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 4201 | CVE-2026-1571 | | 22.8th | 6.1 | | This is a cross-site scripting (XSS) vulnerability in TP-Link Archer C60 v3 routers where user input |
| 4202 | CVE-2025-55035 | | 22.8th | 6.1 | | This vulnerability in Mattermost Desktop App allows attackers to create a denial-of-service conditio |
| 4203 | CVE-2025-13644 | | 23rd | 6.5 | | MongoDB Server may crash due to an invariant failure during batched delete operations when handling |
| 4204 | CVE-2025-12787 | | 22.9th | 5.3 | | This vulnerability allows unauthenticated attackers to cancel arbitrary bookings in the Hydra Bookin |
| 4205 | CVE-2025-66908 | | 22.8th | 5.3 | | This vulnerability allows attackers to upload arbitrary files including executables, scripts, or web |
| 4206 | CVE-2025-14303 | | 22.9th | 6.8 | | This vulnerability allows unauthenticated physical attackers with DMA-capable PCIe devices to read a |
| 4207 | CVE-2025-14302 | | 22.9th | 6.8 | | This vulnerability allows unauthenticated physical attackers with DMA-capable PCIe devices to read a |
| 4208 | CVE-2025-14051 | | 22.9th | 6.3 | | This vulnerability in youlaitech youlai-mall allows attackers to manipulate dynamically-identified v |
| 4209 | CVE-2026-0679 | | 22.9th | 5.3 | | The Fortis for WooCommerce WordPress plugin has an authorization bypass vulnerability that allows un |
| 4210 | CVE-2025-24130 | | 22.6th | 5.5 | | This macOS vulnerability allows applications to bypass file system protection mechanisms and modify |
| 4211 | CVE-2025-0700 | | 22.6th | 6.3 | | This CVE describes a critical SQL injection vulnerability in JoeyBling bootplus's admin interface at |
| 4212 | CVE-2025-24400 | | 22.6th | 4.3 | | The Jenkins Eiffel Broadcaster Plugin vulnerability allows attackers who can create credentials with |
| 4213 | CVE-2024-45627 | | 22.6th | 5.9 | | This vulnerability in Apache Linkis allows authenticated attackers to read arbitrary files from the |
| 4214 | CVE-2024-56287 | | 22.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WP jQuery DataTable WordPress plugin all |
| 4215 | CVE-2025-20049 | | 22.6th | 5.8 | | The Dario Health portal service application contains a cross-site scripting (XSS) vulnerability that |
| 4216 | CVE-2025-1690 | | 22.7th | 6.4 | | The ThemeMakers Stripe Checkout plugin for WordPress versions up to 1.0.1 contains a stored cross-si |
| 4217 | CVE-2025-1689 | | 22.7th | 6.4 | | The ThemeMakers PayPal Express Checkout plugin for WordPress versions up to 1.1.9 contains a stored |
| 4218 | CVE-2025-25096 | | 22.7th | 6.5 | | This stored cross-site scripting (XSS) vulnerability in the WordPress RSS in Page plugin allows atta |
| 4219 | CVE-2024-49798 | | 22.7th | 4.3 | | IBM ApplinX 11.1 can expose sensitive technical error information to remote attackers through browse |
| 4220 | CVE-2025-24282 | | 22.7th | 5.5 | | This CVE describes a library injection vulnerability in macOS that allows applications to bypass fil |
| 4221 | CVE-2025-2587 | | 22.7th | 6.3 | | This critical SQL injection vulnerability in Jinher OA C6 allows remote attackers to execute arbitra |
| 4222 | CVE-2024-8027 | | 22.6th | 6.1 | | A stored Cross-Site Scripting vulnerability in netease-youdao/QAnything allows attackers to upload m |
| 4223 | CVE-2025-27926 | | 22.6th | 4.3 | | This vulnerability exposes passwords stored in configuration files within the K2 SmartForms Designer |
| 4224 | CVE-2025-1923 | | 22.6th | 4.3 | | This vulnerability allows attackers who convince users to install malicious Chrome extensions to per |
| 4225 | CVE-2025-46690 | | 22.6th | 5.0 | | Ververica Platform 2.14.0 contains an improper authorization vulnerability that allows low-privilege |
| 4226 | CVE-2025-3968 | | 22.7th | 6.3 | | CVE-2025-3968 is a critical SQL injection vulnerability in codeprojects News Publishing Site Dashboa |
| 4227 | CVE-2025-3856 | | 22.7th | 6.3 | | This is a critical SQL injection vulnerability in xxyopen Novel-Plus 5.1.0 that allows remote attack |
| 4228 | CVE-2025-48880 | | 22.7th | 6.6 | | FreeScout versions before 1.8.181 contain a race condition vulnerability when administrators delete |
| 4229 | CVE-2025-45755 | | 22.6th | 6.1 | | A stored cross-site scripting vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows attacker |
| 4230 | CVE-2025-46825 | | 22.6th | 5.4 | | Kanboard versions 1.2.26 through 1.2.44 have a stored cross-site scripting vulnerability in the proj |
| 4231 | CVE-2025-46611 | | 22.6th | 6.1 | | A cross-site scripting (XSS) vulnerability in ARTEC EMA Mail version 6.92 allows attackers to inject |
| 4232 | CVE-2013-1424 | | 22.6th | 5.6 | | This CVE describes a buffer overflow vulnerability in matplotlib that could allow attackers to execu |
| 4233 | CVE-2025-43579 | | 22.7th | 5.5 | | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier contain an information |
| 4234 | CVE-2025-53728 | | 22.6th | 6.5 | | This vulnerability in Microsoft Dynamics 365 (on-premises) allows unauthorized attackers to access s |
| 4235 | CVE-2025-59941 | | 22.7th | 5.9 | | This vulnerability in go-f3 allows attackers to bypass justification verification by reusing cached |
| 4236 | CVE-2025-9904 | | 22.6th | 5.3 | | This CVE describes an unallocated memory access vulnerability in multiple Canon printer drivers that |
| 4237 | CVE-2025-46153 | | 22.7th | 5.3 | | This vulnerability in PyTorch versions before 3.7.0 affects the bernoulli_p decompose function, caus |
| 4238 | CVE-2025-58114 | | 22.6th | 4.8 | | This CVE describes an improper input validation vulnerability in BlueSpice's CognitiveProcessDesigne |
| 4239 | CVE-2025-11648 | | 22.7th | 5.6 | | This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Tomofun Furbo 360 and Furbo |
| 4240 | CVE-2025-59958 | | 22.6th | 6.5 | | An unauthenticated network attacker can send specially crafted packets to PTX Series routers running |
| 4241 | CVE-2024-58320 | | 22.6th | 5.3 | | An information disclosure vulnerability in Kentico Xperience allows unauthenticated attackers to acc |
| 4242 | CVE-2025-67901 | | 22.6th | 5.3 | | This vulnerability in openrsync allows a client to crash the rsync server by sending specially craft |
| 4243 | CVE-2025-14629 | | 22.7th | 5.3 | | The Alchemist Ajax Upload WordPress plugin allows unauthenticated attackers to delete arbitrary medi |
| 4244 | CVE-2025-66400 | | 22.7th | 5.3 | | CVE-2025-66400 is a vulnerability in mdast-util-to-hast versions 13.0.0 through 13.2.0 that allows a |
| 4245 | CVE-2025-37176 | | 22.7th | 6.5 | | A command injection vulnerability in AOS-8 allows authenticated privileged users to inject shell com |
| 4246 | CVE-2026-0513 | | 22.6th | 4.7 | | An open redirect vulnerability in SAP Supplier Relationship Management allows unauthenticated attack |
| 4247 | CVE-2023-37413 | | 22.4th | 5.3 | | IBM Aspera Faspex versions 5.0.0 through 5.0.10 can leak sensitive username information through obse |
| 4248 | CVE-2025-23656 | | 22.4th | 6.5 | | This CVE describes a Missing Authorization vulnerability in the WordPress Donate visa plugin that al |
| 4249 | CVE-2024-40679 | | 22.4th | 5.5 | | IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) version 11.5 may write sensitive |
| 4250 | CVE-2024-13144 | | 22.5th | 6.3 | | This critical vulnerability in My-Blog 1.0 allows remote attackers to upload arbitrary files without |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited rather than patching by CVSS score alone: a critical CVSS 9.8 vulnerability with an EPSS of 0.1% may be less urgent than a high CVSS 7.5 vulnerability with an EPSS of 90%.