Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. A higher score means a greater estimated likelihood of exploitation in the wild within the next 30 days; the percentile column gives the share of all scored CVEs whose EPSS score is at or below that value. This page covers ranks 4351 to 4400. Every entry on it has an EPSS score of 0.07%, around the 22nd percentile, so the order within the page is a tie and carries no information beyond the score itself.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary
4351 | CVE-2026-1975 | 0.07% | 22.3 | 5.3 | A null pointer dereference vulnerability in Free5GC's pfcp_reports.go allows remote attackers to cau
4352 | CVE-2026-1973 | 0.07% | 22.3 | 5.3 | A null pointer dereference vulnerability in Free5GC's SMF component allows remote attackers to cause
4353 | CVE-2026-20985 | 0.07% | 22.4 | 4.3 | This vulnerability in Samsung Members app allows remote attackers to redirect users to arbitrary URL
4354 | CVE-2024-43063 | 0.07% | 22.1 | 6.1 | This vulnerability allows unauthorized access to mailbox data through the mailbox read API, potentia
4355 | CVE-2024-33061 | 0.07% | 22.1 | 6.8 | This vulnerability allows information disclosure through improper handling of IOCTL calls in Qualcom
4356 | CVE-2024-23366 | 0.07% | 22.1 | 6.6 | This CVE describes an information disclosure vulnerability in Qualcomm mailbox write API where proce
4357 | CVE-2025-25957 | 0.07% | 22.0 | 6.1 | This Cross-Site Scripting (XSS) vulnerability in Xunruicms allows attackers to inject malicious scri
4358 | CVE-2025-25960 | 0.07% | 22.0 | 6.1 | This Cross-Site Scripting (XSS) vulnerability in PHPCMS v9.6.3 allows attackers to inject malicious
4359 | CVE-2024-49344 | 0.07% | 22.1 | 4.3 | IBM OpenPages with Watson versions 8.3 and 9.0 have a session management vulnerability where chat se
4360 | CVE-2025-1201 | 0.07% | 22.1 | 6.3 | This critical SQL injection vulnerability in SourceCodester Best Church Management Software 1.1 allo
4361 | CVE-2025-1199 | 0.07% | 22.1 | 6.3 | This critical SQL injection vulnerability in Best Church Management Software allows remote attackers
4362 | CVE-2025-30470 | 0.07% | 22.0 | 5.5 | This CVE describes a path handling vulnerability in Apple operating systems that could allow an app
4363 | CVE-2025-30463 | 0.07% | 22.1 | 5.5 | This vulnerability allows malicious apps to bypass data container restrictions and access sensitive
4364 | CVE-2024-10105 | 0.07% | 22.0 | 5.9 | The Job Postings WordPress plugin before version 2.7.11 contains a stored cross-site scripting (XSS)
4365 | CVE-2024-9098 | 0.07% | 22.0 | 6.1 | This privilege escalation vulnerability allows administrators in lunary-ai/lunary to invite new user
4366 | CVE-2024-8556 | 0.07% | 22.1 | 6.1 | A stored cross-site scripting (XSS) vulnerability in modelscope/agentscope allows attackers to injec
4367 | CVE-2024-8029 | 0.07% | 22.1 | 6.1 | This Cross-Site Scripting (XSS) vulnerability in PrivateGPT allows attackers to upload malicious SVG
4368 | CVE-2024-7476 | 0.07% | 22.0 | 4.3 | This broken access control vulnerability allows authenticated attackers to modify any user's templat
4369 | CVE-2024-58102 | 0.07% | 22.1 | 5.7 | This vulnerability in Datalust Seq allows attackers to cause denial of service through stack exhaust
4370 | CVE-2025-4015 | 0.07% | 22.0 | 5.3 | This CVE describes an authentication bypass vulnerability in Novel-Plus software that allows unauthe
4371 | CVE-2025-22123 | 0.07% | 22.1 | 5.5 | A use-after-free vulnerability in the Linux kernel's F2FS filesystem allows attackers to cause a ker
4372 | CVE-2025-22051 | 0.07% | 22.1 | 5.5 | A NULL pointer dereference vulnerability in the Linux kernel's GPIB driver for Agilent USB dongles a
4373 | CVE-2025-32386 | 0.07% | 22.1 | 6.5 | This CVE describes a memory exhaustion vulnerability in Helm where specially crafted chart archive f
4374 | CVE-2025-21988 | 0.07% | 22.1 | 5.5 | A race condition in the Linux kernel's netfs read collection subsystem can cause data corruption and
4375 | CVE-2025-23393 | 0.07% | 22.1 | 5.2 | This Cross-Site Scripting (XSS) vulnerability in spacewalk-java allows attackers to inject malicious
4376 | CVE-2025-23392 | 0.07% | 22.1 | 5.2 | This CVE describes a basic cross-site scripting (XSS) vulnerability in spacewalk-java that allows at
4377 | CVE-2025-31329 | 0.07% | 22.1 | 6.2 | SAP NetWeaver has an information disclosure vulnerability where administrators can inject malicious
4378 | CVE-2025-4353 | 0.07% | 22.1 | 6.3 | A critical SQL injection vulnerability exists in Brilliance Golden Link Secondary System through the
4379 | CVE-2025-1838 | 0.07% | 22.0 | 6.5 | This vulnerability in IBM Cloud Pak for Business Automation allows authenticated users to bypass cli
4380 | CVE-2025-6736 | 0.07% | 22.1 | 6.3 | This critical vulnerability in juzaweb CMS 3.4.2 allows unprivileged users to upload new themes via
4381 | CVE-2025-6193 | 0.07% | 22.1 | 5.9 | A command injection vulnerability in TrustyAI Explainability toolkit allows authenticated users with
4382 | CVE-2025-33062 | 0.07% | 22.0 | 5.5 | This vulnerability allows an authorized attacker to read memory outside the intended buffer in Windo
4383 | CVE-2025-33060 | 0.07% | 22.0 | 5.5 | CVE-2025-33060 is an out-of-bounds read vulnerability in Windows Storage Management Provider that al
4384 | CVE-2025-33058 | 0.07% | 22.0 | 5.5 | CVE-2025-33058 is an out-of-bounds read vulnerability in Windows Storage Management Provider that al
4385 | CVE-2025-32719 | 0.07% | 22.0 | 5.5 | CVE-2025-32719 is an out-of-bounds read vulnerability in Windows Storage Management Provider that al
4386 | CVE-2025-24069 | 0.07% | 22.0 | 5.5 | This vulnerability allows an authorized attacker to read memory outside the intended buffer in Windo
4387 | CVE-2025-24065 | 0.07% | 22.0 | 5.5 | This vulnerability allows an authorized attacker to perform an out-of-bounds read in Windows Storage
4388 | CVE-2024-52885 | 0.07% | 22.1 | 5.0 | This directory traversal vulnerability in Check Point's Mobile Access Portal File Share application
4389 | CVE-2025-7698 | 0.07% | 22.0 | 5.9 | This CVE describes an out-of-bounds read vulnerability in multiple Canon printer drivers. Attackers
4390 | CVE-2025-60114 | 0.07% | 22.1 | 6.6 | This CVE describes a code injection vulnerability in the YayCommerce YayCurrency WordPress plugin th
4391 | CVE-2025-60098 | 0.07% | 22.0 | 6.5 | This CVE describes a missing authorization vulnerability in the Theme My Login WordPress plugin that
4392 | CVE-2025-9541 | 0.07% | 22.1 | 4.7 | The Markup Markdown WordPress plugin before version 3.20.10 contains a stored cross-site scripting (
4393 | CVE-2025-9540 | 0.07% | 22.1 | 4.7 | The Markup Markdown WordPress plugin before version 3.20.10 contains a stored cross-site scripting (
4394 | CVE-2025-9487 | 0.07% | 22.1 | 4.7 | The Admin and Site Enhancements (ASE) WordPress plugin before version 7.9.8 fails to properly saniti
4395 | CVE-2025-62706 | 0.07% | 22.1 | 6.5 | CVE-2025-62706 is a denial-of-service vulnerability in Authlib's JWE implementation where DEFLATE de
4396 | CVE-2025-56747 | 0.07% | 22.0 | 6.5 | Creativeitem Academy LMS versions up to 5.13 contain a privilege escalation vulnerability where auth
4397 | CVE-2025-9698 | 0.07% | 22.1 | 6.8 | The Plus Addons for Elementor WordPress plugin before version 6.3.16 fails to sanitize SVG file cont
4398 | CVE-2025-11637 | 0.07% | 22.1 | 4.3 | A race condition vulnerability exists in the Audio Handler component of Tomofun Furbo 360 devices up
4399 | CVE-2025-62158 | 0.07% | 22.0 | 5.3 | Frappe Learning versions before 2.38.0 stored student-uploaded assignment attachments as public file
4400 | CVE-2025-21055 | 0.07% | 22.1 | 4.3 | This vulnerability in Samsung's libimagecodec.quram.so library allows remote attackers to read and w

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures the severity of a vulnerability, EPSS measures the likelihood of exploitation, which makes it a useful input for deciding which vulnerabilities to patch first. Scores are recomputed daily as new exploitation data arrives, so the value for a given CVE changes over time, and the score describes the CVE in general, not your environment: it does not know whether the affected product is reachable, internet-exposed, or covered by a compensating control.

Why EPSS matters: thousands of CVEs are published every month and they are not equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A CVSS 9.8 vulnerability with a 0.1% EPSS score may be less urgent than a CVSS 7.5 vulnerability with a 90% EPSS score. CVEs that already appear in the CISA Known Exploited Vulnerabilities (KEV) catalog are confirmed exploited, not predicted, and belong in the top tier regardless of their EPSS score; below that, EPSS sets the order and CVSS breaks ties such as the identical 0.07% scores on this page.
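The following Python script is an added example of that ranking rule (KEV first, then EPSS descending, then CVSS as the tie-break); it is not code from this page or from FIRST. The embedded JSON is a constructed sample in the shape of a FIRST EPSS API response (string-valued "epss" and "percentile" fields, as the public API returns them). The CVE IDs use year 0000 so they cannot collide with a real CVE, and their CVSS scores and KEV membership are made up for the example; the tier names are an assumption, not a FIRST or CISA convention.

```python
import json
from dataclasses import dataclass

# Constructed sample in the shape of https://api.first.org/data/v1/epss output.
# All IDs, scores and dates are made up for this example; none is a real CVE.
EPSS_RESPONSE = json.dumps({
    "status": "OK",
    "data": [
        {"cve": "CVE-0000-0001", "epss": "0.001000000", "percentile": "0.410000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0002", "epss": "0.900000000", "percentile": "0.999000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0003", "epss": "0.000700000", "percentile": "0.221000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0004", "epss": "0.000700000", "percentile": "0.221000000", "date": "2025-01-01"},
        {"cve": "CVE-0000-0005", "epss": "0.000700000", "percentile": "0.221000000", "date": "2025-01-01"},
    ],
})

# Constructed CVSS base scores and KEV membership for the same hypothetical IDs.
# 0001 is the "CVSS 9.8 but 0.1% EPSS" case, 0002 the "CVSS 7.5 but 90% EPSS" case,
# 0003/0004/0005 share one EPSS score, as the rows on this page do.
CVSS = {
    "CVE-0000-0001": 9.8,
    "CVE-0000-0002": 7.5,
    "CVE-0000-0003": 5.3,
    "CVE-0000-0004": 6.8,
    "CVE-0000-0005": 4.3,
}
KEV = {"CVE-0000-0003"}


@dataclass
class Finding:
    cve: str
    epss: float        # probability in [0, 1]
    percentile: float  # share of scored CVEs at or below this EPSS value
    cvss: float
    kev: bool

    @property
    def tier(self) -> str:
        # Assumed tier labels for this example; thresholds are a common starting point.
        if self.kev:
            return "P1-known-exploited"
        if self.epss >= 0.5:
            return "P2-likely-exploited"
        if self.cvss >= 9.0:
            return "P3-critical-unlikely"
        return "P4-backlog"


def parse_epss(payload: str) -> dict:
    """Map CVE ID -> (epss, percentile) from an EPSS API style JSON document."""
    doc = json.loads(payload)
    if doc.get("status") != "OK":
        raise ValueError("EPSS response status is not OK: %r" % doc.get("status"))
    return {row["cve"]: (float(row["epss"]), float(row["percentile"])) for row in doc["data"]}


def build_findings(payload: str, cvss: dict, kev: set) -> list:
    """Join EPSS scores with CVSS and KEV data. A CVE that EPSS has not scored yet
    (common in the first days after publication) is kept with a score of 0.0 so it
    still ranks by KEV membership and CVSS instead of silently disappearing."""
    scores = parse_epss(payload)
    return [
        Finding(cve, *scores.get(cve, (0.0, 0.0)), cvss_score, cve in kev)
        for cve, cvss_score in cvss.items()
    ]


def prioritize(findings: list) -> list:
    """KEV first, then highest EPSS, then highest CVSS, then ID for a stable order."""
    return sorted(findings, key=lambda f: (not f.kev, -f.epss, -f.cvss, f.cve))


def ranked_ids(payload: str = EPSS_RESPONSE, cvss: dict = CVSS, kev: set = KEV) -> list:
    return [f.cve for f in prioritize(build_findings(payload, cvss, kev))]


if __name__ == "__main__":
    for rank, f in enumerate(prioritize(build_findings(EPSS_RESPONSE, CVSS, KEV)), start=1):
        print("%d  %-14s epss=%.4f pct=%.1f cvss=%.1f kev=%-5s %s"
              % (rank, f.cve, f.epss, f.percentile * 100, f.cvss, f.kev, f.tier))
```

Running it places the KEV entry first even though its EPSS is the lowest in the set, the 90% EPSS CVE second ahead of the CVSS 9.8 one, and orders the three CVEs tied at 0.07% by CVSS. Swap the constructed JSON for a real call to the EPSS API and the CVSS/KEV dictionaries for your scanner's output to apply the same rule to live data.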

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
