Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary figures shown on the page:

- CVEs with EPSS > 50%: 164
- CISA KEV listed: 156
- CVEs with an EPSS score: 35,468
- Average EPSS score: 0.7%
Ranks 4251 to 4300 of the list. Summaries are cut off at about 100 characters on the page (marked with …); the Flags column is empty for every row shown and is omitted.

| Rank | CVE ID | EPSS | Percentile | CVSS | Summary (truncated on the page) |
|---|---|---|---|---|---|
| 4251 | CVE-2025-7945 | 0.28% | 50.8th | 8.8 | A critical buffer overflow vulnerability in D-Link DIR-513 routers allows remote attackers to execut… |
| 4252 | CVE-2025-10775 | 0.28% | 50.8th | 4.7 | This CVE describes an OS command injection vulnerability in Wavlink WL-NU516U1 routers that allows r… |
| 4253 | CVE-2025-35055 | 0.28% | 50.8th | 8.8 | This vulnerability allows authenticated attackers to upload arbitrary files to any writable location… |
| 4254 | CVE-2025-69260 | 0.28% | 50.8th | 7.5 | An out-of-bounds read vulnerability in Trend Micro Apex Central allows remote attackers to cause den… |
| 4255 | CVE-2026-20422 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through improper input validat… |
| 4256 | CVE-2026-20421 | 0.28% | 50.8th | 6.5 | This vulnerability allows remote attackers to cause a system crash (denial of service) in affected m… |
| 4257 | CVE-2026-20420 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through system crashes when de… |
| 4258 | CVE-2026-20405 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through system crashes when de… |
| 4259 | CVE-2026-20404 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through improper input validat… |
| 4260 | CVE-2026-20403 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service via system crash when a device… |
| 4261 | CVE-2026-20402 | 0.28% | 50.8th | 6.5 | This vulnerability in MediaTek modems allows remote denial of service through improper input validat… |
| 4262 | CVE-2026-20401 | 0.28% | 50.8th | 7.5 | This vulnerability allows remote denial of service attacks against mobile devices with affected Medi… |
| 4263 | CVE-2025-0063 | 0.28% | 50.7th | 8.8 | SAP NetWeaver AS ABAP and ABAP Platform have an authorization bypass vulnerability in RFC function m… |
| 4264 | CVE-2024-11347 | 0.28% | 50.7th | 7.3 | An integer overflow vulnerability in Lexmark printer PostScript interpreters allows attackers to exe… |
| 4265 | CVE-2024-58087 | 0.28% | 50.7th | 8.1 | A race condition vulnerability in the Linux kernel's ksmbd (SMB server) component allows attackers t… |
| 4266 | CVE-2024-51461 | 0.28% | 50.7th | 4.3 | This vulnerability in IBM QRadar WinCollect Agent allows remote attackers to cause denial of service… |
| 4267 | CVE-2025-49181 | 0.28% | 50.7th | 8.6 | This vulnerability allows unauthorized users to access sensitive information via HTTP GET requests a… |
| 4268 | CVE-2025-10690 | 0.28% | 50.7th | 9.8 | This vulnerability allows unauthenticated attackers to upload arbitrary ZIP files containing malicio… |
| 4269 | CVE-2025-13592 | 0.28% | 50.7th | 7.2 | The Advanced Ads WordPress plugin up to version 2.0.14 contains a remote code execution vulnerabilit… |
| 4270 | CVE-2025-14703 | 0.28% | 50.7th | 5.3 | This vulnerability allows remote attackers to bypass authentication in Shiguangwu sgwbox N3 NAS devi… |
| 4271 | CVE-2025-68398 | 0.28% | 50.7th | 9.1 | This vulnerability in Weblate allows remote attackers to overwrite Git configuration settings, poten… |
| 4272 | CVE-2025-21332 | 0.28% | 50.6th | 4.3 | This CVE describes a security feature bypass vulnerability in the MapUrlToZone function, which is us… |
| 4273 | CVE-2024-55160 | 0.28% | 50.7th | 9.8 | GFast versions 2 through 3.2 contain a SQL injection vulnerability in the OrderBy parameter at the /… |
| 4274 | CVE-2025-32807 | 0.28% | 50.7th | 5.3 | A path traversal vulnerability in FusionDirectory allows remote attackers to read arbitrary files en… |
| 4275 | CVE-2025-11344 | 0.28% | 50.7th | 6.3 | This vulnerability in ILIAS learning management system allows remote attackers to execute arbitrary… |
| 4276 | CVE-2025-63918 | 0.28% | 50.6th | 6.2 | PDFPatcher contains a directory traversal vulnerability (CWE-22) where the executable fails to valid… |
| 4277 | CVE-2022-50696 | 0.28% | 50.6th | 9.8 | SOUND4 IMPACT/FIRST/PULSE/Eco devices versions 2.x and below contain hardcoded credentials in server… |
| 4278 | CVE-2025-68161 | 0.28% | 50.6th | 4.8 | This vulnerability in Apache Log4j Core allows man-in-the-middle attackers to intercept or redirect… |
| 4279 | CVE-2025-69906 | 0.28% | 50.6th | 8.8 | Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin that… |
| 4280 | CVE-2025-0680 | 0.28% | 50.6th | 9.8 | This vulnerability allows remote attackers to execute arbitrary commands on devices connected to the… |
| 4281 | CVE-2024-0136 | 0.28% | 50.5th | 7.6 | NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container i… |
| 4282 | CVE-2024-0135 | 0.28% | 50.5th | 7.6 | NVIDIA Container Toolkit has an improper isolation vulnerability where malicious container images ca… |
| 4283 | CVE-2025-25008 | 0.28% | 50.5th | 7.1 | This CVE describes a local privilege escalation vulnerability in Microsoft Windows where an attacker… |
| 4284 | CVE-2025-24992 | 0.28% | 50.6th | 5.5 | This CVE describes a buffer over-read vulnerability in Windows NTFS that allows a local attacker to… |
| 4285 | CVE-2025-12676 | 0.28% | 50.6th | 5.3 | The KiotViet Sync WordPress plugin uses a hardcoded password for authentication, allowing unauthenti… |
| 4286 | CVE-2025-15099 | 0.28% | 50.6th | 7.3 | This vulnerability allows remote attackers to bypass authentication in simstudioai sim by manipulati… |
| 4287 | CVE-2025-69612 | 0.28% | 50.5th | 6.5 | This path traversal vulnerability in TMS Management Console allows authenticated users to read arbit… |
| 4288 | CVE-2024-28243 | 0.28% | 50.5th | 6.5 | KaTeX users who render untrusted mathematical expressions are vulnerable to a denial-of-service atta… |
| 4289 | CVE-2025-24357 | 0.27% | 50.4th | 7.5 | This vulnerability in vLLM allows remote code execution when loading malicious model checkpoints fro… |
| 4290 | CVE-2024-27781 | 0.27% | 50.4th | 7.1 | This is a cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox that allows authenticate… |
| 4291 | CVE-2025-30372 | 0.27% | 50.4th | 9.8 | Emlog Pro versions 2.5.7 and 2.5.8 contain an SQL injection vulnerability in search_controller.php d… |
| 4292 | CVE-2025-25686 | 0.27% | 50.4th | 9.8 | This vulnerability allows attackers to execute arbitrary SQL commands through SEMCMS_Fuction.php in… |
| 4293 | CVE-2024-40073 | 0.27% | 50.4th | 9.8 | This SQL injection vulnerability in Sourcecodester Online ID Generator System 1.0 allows attackers t… |
| 4294 | CVE-2025-32728 | 0.27% | 50.4th | 4.3 | OpenSSH versions before 10.0 have a bug where the DisableForwarding directive fails to properly disa… |
| 4295 | CVE-2025-29369 | 0.27% | 50.4th | 9.8 | CVE-2025-29369 is a critical SQL injection vulnerability in Code-Projects Matrimonial Site V1.0 that… |
| 4296 | CVE-2025-45542 | 0.27% | 50.4th | 7.3 | A SQL injection vulnerability exists in the registrationform endpoint of CloudClassroom-PHP-Project… |
| 4297 | CVE-2025-52434 | 0.27% | 50.4th | 7.5 | A race condition vulnerability in Apache Tomcat's APR/Native connector when handling HTTP/2 connecti… |
| 4298 | CVE-2025-10156 | 0.27% | 50.4th | 9.8 | This vulnerability allows attackers to bypass security scans in mmaitre314 picklescan by crafting ZI… |
| 4299 | CVE-2025-63459 | 0.27% | 50.4th | 7.5 | This vulnerability is a stack overflow in Totolink A7000R routers that allows attackers to cause a D… |
| 4300 | CVE-2025-63464 | 0.27% | 50.4th | 7.5 | This CVE describes a stack overflow vulnerability in Totolink LR350 routers via the ssid parameter. |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by the EPSS Special Interest Group at FIRST. It estimates the probability that exploitation activity against a given CVE will be observed in the wild within the next 30 days, and scores are recomputed daily as new exploitation data arrives. CVSS measures how severe a vulnerability is; EPSS measures how likely it is to be exploited. The two answer different questions, which is what makes EPSS useful for deciding what to patch first.

The percentile column puts a score in context: it is the share of all scored CVEs with a lower EPSS score. The rows above sit at about the 50th percentile, so an EPSS of 0.28% is roughly the median score. Most CVEs are predicted to have well under a 1% chance of exploitation in a given month (the page-wide average is 0.7%), and the scores that drive prioritization are orders of magnitude higher.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited rather than patching by CVSS score alone. A CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 vulnerability with 90% EPSS. Two caveats for practitioners: EPSS says nothing about impact or about your environment (exposure, compensating controls, asset criticality), so it complements CVSS and asset context rather than replacing them; and a CVE on the CISA Known Exploited Vulnerabilities (KEV) list is confirmed exploited, which outranks any predicted probability.
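As an added worked example (not code from this page or from FIRST), the script below ranks a small set of findings the way the paragraphs above argue: confirmed exploitation (KEV) first, then EPSS, with CVSS only as a tiebreaker. The JSON is a constructed sample shaped like a FIRST EPSS API response (https://api.first.org/data/v1/epss?cve=...), in which `epss` and `percentile` arrive as strings; it is embedded so the script runs offline. CVSS scores and KEV membership are not part of EPSS and come from a constructed side table. The two CVE-2025 rows reuse the values shown in the table above, the CVE-2099-* identifiers are placeholders rather than real CVEs, and the tier thresholds are an assumed organizational policy, not a FIRST recommendation.

```python
"""Rank CVEs by exploit likelihood (EPSS) rather than by severity (CVSS) alone.

Added example, not code from the page or from FIRST. EPSS_RESPONSE is a
constructed payload shaped like a FIRST EPSS API response; SIDE_TABLE is a
constructed join table (CVSS base score, CISA KEV membership). CVE-2099-*
identifiers are placeholders. Tier thresholds are an assumed policy.
"""
from __future__ import annotations

import json
from dataclasses import dataclass

# Constructed sample. The real API serialises epss and percentile as strings.
EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "total": 5,
    "data": [
        # Values for these two rows are taken from the table above.
        {"cve": "CVE-2025-10690", "epss": "0.00280", "percentile": "0.50700", "date": "2026-01-01"},
        {"cve": "CVE-2025-24357", "epss": "0.00270", "percentile": "0.50400", "date": "2026-01-01"},
        # Constructed rows for the CVSS-vs-EPSS contrast and the KEV override.
        {"cve": "CVE-2099-0001", "epss": "0.90000", "percentile": "0.99900", "date": "2026-01-01"},
        {"cve": "CVE-2099-0002", "epss": "0.00100", "percentile": "0.30000", "date": "2026-01-01"},
        {"cve": "CVE-2099-0003", "epss": "0.05000", "percentile": "0.93000", "date": "2026-01-01"},
    ],
})

# Constructed: CVE -> (CVSS base score, listed in CISA KEV?). Not part of EPSS.
SIDE_TABLE: dict[str, tuple[float, bool]] = {
    "CVE-2025-10690": (9.8, False),
    "CVE-2025-24357": (7.5, False),
    "CVE-2099-0001": (7.5, False),   # high EPSS, "only" CVSS 7.5
    "CVE-2099-0002": (9.8, False),   # CVSS 9.8 but almost no exploitation signal
    "CVE-2099-0003": (6.5, True),    # in KEV: exploitation is confirmed, not predicted
}


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float        # P(exploitation activity observed in the next 30 days)
    percentile: float  # share of all scored CVEs with a lower EPSS score
    cvss: float
    kev: bool


def parse_epss(payload: str) -> dict[str, tuple[float, float]]:
    """Map CVE id -> (epss, percentile), converting the API's string fields."""
    body = json.loads(payload)
    return {row["cve"]: (float(row["epss"]), float(row["percentile"])) for row in body["data"]}


def build_findings(payload: str, side: dict[str, tuple[float, bool]]) -> list[Finding]:
    """Join EPSS scores with the CVSS/KEV side table; skip CVEs missing from the table."""
    scores = parse_epss(payload)
    return [Finding(cve, epss, pct, *side[cve]) for cve, (epss, pct) in scores.items() if cve in side]


def tier(f: Finding, epss_high: float = 0.10, epss_low: float = 0.01) -> str:
    """Assumed remediation tiers: KEV beats any prediction, EPSS bands come next,
    and CVSS only promotes a critical-severity CVE out of the lowest tier."""
    if f.kev:
        return "P1-KEV"
    if f.epss >= epss_high:
        return "P1"
    if f.epss >= epss_low or f.cvss >= 9.0:
        return "P2"
    return "P3"


def sort_key(f: Finding) -> tuple[bool, float, float, str]:
    # KEV first (False sorts before True), then EPSS desc, CVSS desc, id for stability.
    return (not f.kev, -f.epss, -f.cvss, f.cve)


def prioritize(findings: list[Finding]) -> list[Finding]:
    return sorted(findings, key=sort_key)


def expected_exploited(findings: list[Finding]) -> float:
    """EPSS scores are probabilities, so their sum is the expected number of these
    CVEs that will see exploitation activity in the next 30 days."""
    return sum(f.epss for f in findings)


if __name__ == "__main__":
    findings = build_findings(EPSS_RESPONSE, SIDE_TABLE)
    for f in prioritize(findings):
        print(f"{tier(f):6} {f.cve:15} EPSS={f.epss:6.2%} pct={f.percentile:5.1%} "
              f"CVSS={f.cvss} KEV={f.kev}")
    print(f"expected exploited in 30 days: {expected_exploited(findings):.3f}")
```

The order that comes out is the KEV entry, then the 90% EPSS / CVSS 7.5 finding, then the two page rows, and the CVSS 9.8 / 0.1% finding last, which is the ranking the paragraph above argues for. Because EPSS values are probabilities, `expected_exploited` sums them to give the expected number of listed CVEs that will see exploitation activity in the next 30 days; running the same sum over the fifty rows in the table above (all at 0.27% to 0.28%) gives about 0.14, the quantitative version of "the median CVE is not where attacker effort goes".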

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
