Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated likelihood of exploitation in the wild within the next 30 days. This page shows ranks 4301 to 4350; every CVE listed here has an EPSS score of 0.07%, which places it around the 22nd percentile of all scored CVEs.

Summary statistics:
- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA KEV catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Summaries are truncated as they appear on the page. No flags are set on any row shown here.

| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 4301 | CVE-2024-42171 | 0.07% | 22.3 | 6.4 | | HCL MyXalytics has a session fixation vulnerability where attackers can set a victim's session token |
| 4302 | CVE-2024-56297 | 0.07% | 22.3 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Highlight WordPress plugin allows attack |
| 4303 | CVE-2024-56292 | 0.07% | 22.3 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Email Reminders WordPress plugin allows |
| 4304 | CVE-2024-13133 | 0.07% | 22.3 | 6.3 | | This critical vulnerability in ZeroWdd studentmanager 1.0 allows attackers to upload arbitrary files |
| 4305 | CVE-2025-0677 | 0.07% | 22.3 | 6.4 | | This CVE-2025-0677 vulnerability in grub2's UFS module allows heap buffer overflow when processing m |
| 4306 | CVE-2025-0996 | 0.07% | 22.3 | 5.4 | | This vulnerability allows attackers to spoof the URL bar (Omnibox) in Google Chrome on Android, maki |
| 4307 | CVE-2025-1216 | 0.07% | 22.3 | 6.3 | | This critical SQL injection vulnerability in ywoa allows remote attackers to execute arbitrary SQL c |
| 4308 | CVE-2026-1796 | 0.07% | 22.3 | 6.1 | | The StyleBidet WordPress plugin has a reflected cross-site scripting (XSS) vulnerability that allows |
| 4309 | CVE-2026-1792 | 0.07% | 22.3 | 6.1 | | The Geo Widget WordPress plugin has a stored XSS vulnerability that allows unauthenticated attackers |
| 4310 | CVE-2024-54176 | 0.07% | 22.2 | 4.3 | | This vulnerability in IBM DevOps Deploy and UrbanCode Deploy allows authenticated users to access se |
| 4311 | CVE-2025-0970 | 0.07% | 22.3 | 4.3 | | This vulnerability in Zenvia Movidesk allows attackers to redirect users to malicious websites by ma |
| 4312 | CVE-2023-53014 | 0.07% | 22.2 | 5.5 | | A memory leak vulnerability in the Linux kernel's Tegra DMA engine driver allows attackers to cause |
| 4313 | CVE-2023-53004 | 0.07% | 22.2 | 5.5 | | A memory leak vulnerability in the Linux kernel's OverlayFS (ovl) module when creating temporary fil |
| 4314 | CVE-2023-52981 | 0.07% | 22.2 | 5.5 | | This vulnerability in the Linux kernel's Intel i915 graphics driver involves improper reference coun |
| 4315 | CVE-2022-49760 | 0.07% | 22.2 | 5.5 | | A Linux kernel vulnerability in the hugetlb_change_protection() function mishandles PTE markers duri |
| 4316 | CVE-2022-49756 | 0.07% | 22.2 | 5.5 | | A null pointer dereference vulnerability in the Linux kernel's Sunplus USB PHY driver could allow lo |
| 4317 | CVE-2022-49745 | 0.07% | 22.2 | 5.5 | | This CVE addresses a resource leak vulnerability in the Linux kernel's FPGA Intel Max 10 BMC Secure |
| 4318 | CVE-2025-2576 | 0.07% | 22.2 | 6.4 | | The Ayyash Studio WordPress plugin versions up to 1.0.3 contain a stored cross-site scripting vulner |
| 4319 | CVE-2024-11273 | 0.07% | 22.3 | 6.1 | | This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious s |
| 4320 | CVE-2024-10703 | 0.07% | 22.3 | 6.1 | | This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious s |
| 4321 | CVE-2024-11033 | 0.07% | 22.2 | 6.5 | | A Denial of Service vulnerability in binary-husky/gpt_academic version 3.83 allows attackers to cras |
| 4322 | CVE-2025-32376 | 0.07% | 22.2 | 4.3 | | This vulnerability allows attackers to bypass the user limit for direct messages (DMs) in Discourse, |
| 4323 | CVE-2025-3956 | 0.07% | 22.2 | 6.3 | | This critical SQL injection vulnerability in novel-cloud 1.4.0 allows remote attackers to execute ar |
| 4324 | CVE-2025-3636 | 0.07% | 22.3 | 4.3 | | This vulnerability in Moodle allows unauthorized users to access RSS feeds due to insufficient permi |
| 4325 | CVE-2025-3139 | 0.07% | 22.2 | 5.3 | | A critical buffer overflow vulnerability exists in the Bus Reservation System 1.0 login function. At |
| 4326 | CVE-2025-21952 | 0.07% | 22.2 | 5.5 | | A race condition vulnerability in the Linux kernel's Corsair VOID HID driver could cause kernel pani |
| 4327 | CVE-2025-21933 | 0.07% | 22.2 | 5.5 | | This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ARM page table han |
| 4328 | CVE-2025-4610 | 0.07% | 22.2 | 6.4 | | The WP-Members Membership Plugin for WordPress has a stored XSS vulnerability in all versions up to |
| 4329 | CVE-2025-47540 | 0.07% | 22.3 | 5.3 | | This vulnerability in weDevs weMail WordPress plugin allows unauthorized users to retrieve embedded |
| 4330 | CVE-2025-7785 | 0.07% | 22.3 | 4.3 | | This CVE describes an open redirect vulnerability in JeeSite's SSO controller that allows attackers |
| 4331 | CVE-2025-7192 | 0.07% | 22.2 | 6.3 | | This critical vulnerability in D-Link DIR-645 routers allows remote attackers to execute arbitrary c |
| 4332 | CVE-2025-49671 | 0.07% | 22.3 | 6.5 | | This vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthorized network a |
| 4333 | CVE-2025-49664 | 0.07% | 22.2 | 5.5 | | This vulnerability in Windows User-Mode Driver Framework Host allows local attackers to access sensi |
| 4334 | CVE-2025-48808 | 0.07% | 22.2 | 5.5 | | This Windows Kernel vulnerability allows an authenticated attacker with local access to a system to |
| 4335 | CVE-2025-47980 | 0.07% | 22.4 | 6.2 | | This vulnerability in Windows Imaging Component allows local attackers to access sensitive informati |
| 4336 | CVE-2025-55622 | 0.07% | 22.2 | 6.5 | | This CVE describes a task hijacking vulnerability in Reolink software where inappropriate taskAffini |
| 4337 | CVE-2025-53765 | 0.07% | 22.3 | 4.4 | | This vulnerability in Azure Stack allows an authorized attacker with local access to expose private |
| 4338 | CVE-2025-56207 | 0.07% | 22.2 | 6.5 | | A vulnerability in the Money Making Opportunity (MMO) ERC721 NFT smart contract allows users to tran |
| 4339 | CVE-2025-58324 | 0.07% | 22.2 | 6.4 | | This vulnerability allows authenticated attackers to inject malicious scripts into FortiSIEM web pag |
| 4340 | CVE-2025-11617 | 0.07% | 22.3 | 5.4 | | A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing allows out-of-bounds reads |
| 4341 | CVE-2025-11616 | 0.07% | 22.3 | 5.4 | | A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can cause an out-of- |
| 4342 | CVE-2025-11508 | 0.07% | 22.2 | 4.7 | | This vulnerability in code-projects Voting System 1.0 allows remote attackers to upload arbitrary fi |
| 4343 | CVE-2025-13209 | 0.07% | 22.3 | 6.3 | | This CVE describes an XML External Entity (XXE) vulnerability in bestfeng oa_git_free software up to |
| 4344 | CVE-2026-0505 | 0.07% | 22.3 | 6.1 | | This CVE describes an unvalidated redirect vulnerability in BSP applications where unauthenticated a |
| 4345 | CVE-2025-12818 | 0.07% | 22.3 | 5.9 | | An integer wraparound vulnerability in PostgreSQL's libpq client library allows attackers to cause u |
| 4346 | CVE-2025-63949 | 0.07% | 22.2 | 6.1 | | A reflected cross-site scripting vulnerability in the yohanawi Hotel Management System allows attack |
| 4347 | CVE-2025-69285 | 0.07% | 22.3 | 6.1 | | SQLBot versions before 1.5.0 have an authentication bypass vulnerability in the /api/v1/datasource/u |
| 4348 | CVE-2026-22787 | 0.07% | 22.3 | 6.1 | | html2pdf.js versions before 0.14.0 contain a cross-site scripting (XSS) vulnerability when processin |
| 4349 | CVE-2026-20927 | 0.07% | 22.2 | 5.3 | | A race condition vulnerability in Windows SMB Server allows authenticated attackers to cause denial |
| 4350 | CVE-2026-1976 | 0.07% | 22.3 | 5.3 | | A null pointer dereference vulnerability in Free5GC's SMF component allows remote attackers to cause |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Scores are refreshed daily and published together with a percentile, which is the proportion of all scored CVEs with an equal or lower score; that is why a score as small as 0.07% can still sit near the 22nd percentile. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it a useful signal for deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. EPSS is a prediction, not evidence: a CVE already listed in CISA's KEV catalog is known to be exploited and should be prioritized regardless of its EPSS value, and the two signals work best combined rather than substituted for one another.
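The prioritization rule described above, worked through in code. This is an added example, not code from this site or from FIRST: it sorts findings into tiers (KEV first, then EPSS above a threshold, then CVSS), shows how the Percentile column is derived from the Score column, and includes a live lookup against FIRST's public EPSS API that the offline sample does not call. The findings, their placeholder identifiers and the score population are constructed for illustration; the 10% threshold is an arbitrary assumption, not a value from the page.

```python
"""Ranking findings by exploit likelihood rather than severity alone.

Added example for this page, not code from the site or from FIRST. The
findings and the score population below are constructed for illustration.
"""
import json
import urllib.request
from dataclasses import dataclass
from typing import Iterable

EPSS_API = "https://api.first.org/data/v1/epss"  # FIRST's public EPSS endpoint


@dataclass(frozen=True)
class Finding:
    cve: str
    epss: float         # probability of exploitation in the next 30 days (0..1)
    cvss: float         # CVSS base score (0..10)
    kev: bool = False   # listed in CISA's Known Exploited Vulnerabilities catalog


def epss_percentile(score: float, population: Iterable[float]) -> float:
    """Proportion of `population` scoring at or below `score`.

    This is the relationship between the EPSS Score and Percentile columns:
    0.07% looks negligible, yet lands well up the distribution because most
    scored CVEs sit even lower.
    """
    scores = list(population)
    return sum(1 for s in scores if s <= score) / len(scores)


def priority_key(f: Finding, epss_threshold: float = 0.10):
    """Sort key; lower sorts first.

    Tier 0: KEV-listed. Exploitation is observed, not predicted.
    Tier 1: EPSS at or above the threshold, ordered by EPSS then CVSS.
    Tier 2: everything else, ordered by CVSS then EPSS.
    """
    if f.kev:
        return (0, -f.epss, -f.cvss)
    if f.epss >= epss_threshold:
        return (1, -f.epss, -f.cvss)
    return (2, -f.cvss, -f.epss)


def prioritize(findings: Iterable[Finding], epss_threshold: float = 0.10) -> list:
    """Most urgent first."""
    return sorted(findings, key=lambda f: priority_key(f, epss_threshold))


def fetch_epss(cves: list) -> dict:
    """Live lookup of (epss, percentile) for a list of CVE IDs.

    Needs network access, so the offline sample below does not call it. The
    response fields (data[].cve, .epss, .percentile) are those returned by
    FIRST's EPSS API; values arrive as strings and are converted here.
    """
    url = f"{EPSS_API}?cve={','.join(cves)}"
    with urllib.request.urlopen(url, timeout=10) as resp:
        payload = json.load(resp)
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in payload["data"]}


# Constructed findings mirroring the comparison in the text: a CVSS 9.8 with
# 0.1% EPSS versus a CVSS 7.5 with 90% EPSS, plus a KEV entry and a row like
# the ones on this page (0.07% EPSS, CVSS 6.4). The IDs are placeholders.
SAMPLE_FINDINGS = [
    Finding("example-critical-low-epss", epss=0.001, cvss=9.8),
    Finding("example-high-high-epss", epss=0.90, cvss=7.5),
    Finding("example-medium-low-epss", epss=0.0007, cvss=6.4),
    Finding("example-kev-listed", epss=0.05, cvss=5.5, kev=True),
]

# Constructed score population: most entries score far below 0.07%.
SAMPLE_POPULATION = [0.0001] * 20 + [0.0007] * 5 + [0.01] * 3 + [0.5] * 2

if __name__ == "__main__":
    for f in prioritize(SAMPLE_FINDINGS):
        print(f"{f.cve:28s} EPSS={f.epss:.2%}  CVSS={f.cvss}  KEV={f.kev}")
    print("percentile of 0.07% in sample population: "
          f"{epss_percentile(0.0007, SAMPLE_POPULATION):.1%}")
```

The KEV tier sits above everything else because an observed exploitation is stronger evidence than any predicted probability. Raising the EPSS threshold moves findings from tier 1 back into the CVSS-ordered tier 2, so the threshold is the one knob that trades prediction against severity; pick it from your own exposure rather than copying a default.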
