Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days. The Percentile column gives each CVE's rank relative to every CVE that EPSS scores, so a CVE with a 0.07% probability still sits above roughly a fifth of all scored CVEs. This page shows ranks 4401 to 4450 of the listing.

CVEs with EPSS > 50%: 164
CISA KEV listed: 156
CVEs with an EPSS score: 35,468
Average EPSS score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary (truncated on the page)
4401 | CVE-2025-21055 | 0.07% | 22.1 | 4.3 | | This vulnerability in Samsung's libimagecodec.quram.so library allows remote attackers to read and w
4402 | CVE-2025-11554 | 0.07% | 22 | 6.3 | | This vulnerability in Portabilis i-Educar allows attackers to escalate privileges through insecure i
4403 | CVE-2025-11996 | 0.07% | 22.1 | 5.3 | | The Find Unused Images WordPress plugin has an authorization bypass vulnerability that allows unauth
4404 | CVE-2025-53939 | 0.07% | 22.1 | 6.3 | | CVE-2025-53939 is an improper input validation vulnerability in Kiteworks private data network that
4405 | CVE-2025-13771 | 0.07% | 22.1 | 6.5 | | CVE-2025-13771 is an arbitrary file read vulnerability in WebITR software developed by Uniong. Authe
4406 | CVE-2025-55058 | 0.07% | 22 | 4.5 | | This vulnerability involves improper input validation (CWE-20) that could allow attackers to submit
4407 | CVE-2024-7021 | 0.07% | 22.1 | 4.3 | | This vulnerability allows attackers to create fake autofill UI elements in Chrome that appear legiti
4408 | CVE-2025-59849 | 0.07% | 22.1 | 4.7 | | This vulnerability in HCL BigFix Remote Control Lite Web Portal allows attackers to bypass Content S
4409 | CVE-2025-66482 | 0.07% | 22.1 | 6.5 | | This vulnerability allows attackers to bypass IP-based rate limiting in Misskey by forging X-Forward
4410 | CVE-2025-13969 | 0.07% | 22 | 6.4 | | The Reviews Sorted WordPress plugin has a stored cross-site scripting vulnerability that allows auth
4411 | CVE-2025-13314 | 0.07% | 22 | 5.3 | | This vulnerability in the Filter Plus WooCommerce plugin allows unauthenticated attackers to modify
4412 | CVE-2025-65289 | 0.07% | 22.1 | 6.1 | | A stored XSS vulnerability in Mercury MR816v2 routers allows attackers on the local network to injec
4413 | CVE-2026-1467 | 0.07% | 22.1 | 5.8 | | This CRLF injection vulnerability in libsoup allows attackers to inject malicious HTTP headers or re
4414 | CVE-2025-15532 | 0.07% | 22 | 5.3 | | CVE-2025-15532 is a resource consumption vulnerability in Open5GS's Timer Handler component that all
4415 | CVE-2025-14078 | 0.07% | 22 | 5.3 | | The PAYGENT for WooCommerce WordPress plugin has an authorization bypass vulnerability that allows u
4416 | CVE-2025-20943 | 0.07% | 22 | 6.4 | | This vulnerability allows local privileged attackers to perform out-of-bounds writes in the secfr tr
4417 | CVE-2025-24703 | 0.07% | 21.8 | 4.4 | | This Server-Side Request Forgery (SSRF) vulnerability in the WordPress Comment Edit Core plugin allo
4418 | CVE-2024-48883 | 0.07% | 21.8 | 4.3 | | This vulnerability in Samsung Exynos processors allows information leakage when a malformed uplink s
4419 | CVE-2024-12568 | 0.07% | 21.9 | 4.8 | | This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious s
4420 | CVE-2024-12566 | 0.07% | 21.9 | 4.8 | | This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious s
4421 | CVE-2024-56826 | 0.07% | 21.9 | 5.6 | | A heap buffer overflow vulnerability exists in OpenJPEG's opj_decompress utility when specific optio
4422 | CVE-2025-0229 | 0.07% | 21.8 | 6.3 | | This critical SQL injection vulnerability in Travel Management System 1.0 allows remote attackers to
4423 | CVE-2025-0212 | 0.07% | 21.8 | 6.3 | | This critical SQL injection vulnerability in Campcodes Student Grading System 1.0 allows remote atta
4424 | CVE-2024-45781 | 0.07% | 21.8 | 6.7 | | This vulnerability in grub2 allows attackers to write beyond heap boundaries when processing symboli
4425 | CVE-2024-45774 | 0.07% | 21.8 | 6.7 | | A buffer overflow vulnerability in GRUB2's JPEG parser allows specially crafted JPEG files to trigge
4426 | CVE-2024-57082 | 0.07% | 21.9 | 6.5 | | A prototype pollution vulnerability in the lib.createUploader function of @rpldy/uploader v1.8.1 all
4427 | CVE-2025-30438 | 0.07% | 21.7 | 5.5 | | This vulnerability allows a malicious app to dismiss the system notification that appears on the Loc
4428 | CVE-2025-26762 | 0.07% | 21.9 | 5.9 | | A stored cross-site scripting (XSS) vulnerability in WooCommerce allows attackers to inject maliciou
4429 | CVE-2025-22640 | 0.07% | 21.9 | 5.9 | | A stored cross-site scripting (XSS) vulnerability in the Paytm Payment Donation WordPress plugin all
4430 | CVE-2025-22496 | 0.07% | 21.9 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the Notif Bell WordPress plugin allows attac
4431 | CVE-2025-30575 | 0.07% | 21.9 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the WordPress Login Redirect plugin allows a
4432 | CVE-2025-30573 | 0.07% | 21.9 | 5.9 | | This stored cross-site scripting (XSS) vulnerability in the WordPress 'My Default Post Content' plug
4433 | CVE-2025-3915 | 0.07% | 21.9 | 4.3 | | The Aeropage Sync for Airtable WordPress plugin has an authorization vulnerability that allows authe
4434 | CVE-2025-3752 | 0.07% | 21.8 | 6.4 | | This stored XSS vulnerability in the Able Player WordPress plugin allows authenticated attackers wit
4435 | CVE-2025-44135 | 0.07% | 21.8 | 6.5 | | This SQL injection vulnerability in Online Class and Exam Scheduling System 1.0 allows attackers to
4436 | CVE-2025-3814 | 0.07% | 21.8 | 6.4 | | This stored XSS vulnerability in the Tax Switch for WooCommerce WordPress plugin allows authenticate
4437 | CVE-2025-22053 | 0.07% | 21.8 | 5.5 | | A race condition vulnerability in the Linux kernel's ibmveth driver allows concurrent writes to sysf
4438 | CVE-2024-51552 | 0.07% | 21.9 | 6.0 | | This CVE describes weak password storage vulnerabilities in ABB's ASPECT, NEXUS, and MATRIX series p
4439 | CVE-2025-40578 | 0.07% | 21.9 | 4.3 | | A denial-of-service vulnerability in Siemens SCALANCE LPE9403 devices allows unauthenticated remote
4440 | CVE-2025-52997 | 0.07% | 21.9 | 5.9 | | File Browser versions before 2.34.1 lack password policy enforcement and brute-force protection, all
4441 | CVE-2025-53664 | 0.07% | 21.7 | 6.5 | | The Jenkins Apica Loadtest Plugin stores authentication tokens in plaintext within job configuration
4442 | CVE-2025-29520 | 0.07% | 22 | 5.3 | | This vulnerability allows authenticated attackers with low-level privileges in D-Link DSL-7740C rout
4443 | CVE-2025-9140 | 0.07% | 21.9 | 6.3 | | This SQL injection vulnerability in Shanghai Lingdang Information Technology's Lingdang CRM allows r
4444 | CVE-2025-55887 | 0.07% | 21.7 | 6.1 | | A Cross-Site Scripting (XSS) vulnerability in the ARD meal reservation service allows attackers to i
4445 | CVE-2025-55886 | 0.07% | 21.9 | 6.5 | | An authenticated attacker can manipulate the fe_uid parameter in ARD's payment history API to view o
4446 | CVE-2025-53804 | 0.07% | 21.8 | 5.5 | | This Windows Kernel vulnerability allows an authenticated attacker with local access to a system to
4447 | CVE-2025-26441 | 0.07% | 21.9 | 6.5 | | This CVE describes an out-of-bounds read vulnerability in Android's Bluetooth SDP discovery componen
4448 | CVE-2025-9801 | 0.07% | 21.8 | 5.4 | | This CVE describes a path traversal vulnerability in SimStudioAI sim software where manipulation of
4449 | CVE-2024-26008 | 0.07% | 21.8 | 5.3 | | This vulnerability allows an unauthenticated attacker to repeatedly reset the fgfm connection via cr
4450 | CVE-2025-9551 | 0.07% | 21.8 | 6.5 | | This vulnerability in Drupal Protected Pages module allows attackers to perform brute force attacks

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Scores are recomputed daily as new exploitation evidence arrives, so a CVE's probability and percentile can move over time. Unlike CVSS, which measures how severe a vulnerability is if it is exploited, EPSS measures how likely exploitation is, which makes it a better basis for deciding what to patch first.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS lets security teams focus on the CVEs most likely to be actively exploited rather than patching solely by CVSS score. A CVSS 9.8 (critical) vulnerability with 0.1% EPSS may be less urgent than a CVSS 7.5 (high) vulnerability with 90% EPSS. EPSS knows nothing about your environment, however: a CVE already on the CISA KEV list is confirmed exploited regardless of its EPSS value, and exposure, asset criticality and available mitigations still belong in the decision.
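The prioritisation rule described above (KEV-listed first, then EPSS probability, then CVSS as the tie-breaker) as an added example in Python; this is not code from the page or from FIRST.org. It parses a constructed sample laid out like the published EPSS daily CSV (a `#model_version:...` comment line followed by `cve,epss,percentile` rows), joins it with a hypothetical scanner inventory, and also recomputes the kind of headline numbers shown at the top of this page. The CVE IDs, scores and the `Finding` inventory are made up for illustration.

```python
"""Prioritise CVEs by EPSS rather than CVSS alone.

Added example, not code from the page or from FIRST.org.  It parses the
layout used by the published EPSS CSV from a CONSTRUCTED sample, joins
it with a hypothetical local asset inventory, and ranks the findings.
"""
import csv
import io
from dataclasses import dataclass

# Constructed sample in the shape of the FIRST EPSS daily CSV.  The CVE
# IDs and score values are made up; the real file is published daily
# as epss_scores-current.csv.gz by FIRST.
SAMPLE_EPSS_CSV = """#model_version:v2025.03.14,score_date:2026-01-15T00:00:00+0000
cve,epss,percentile
CVE-2024-0001,0.94000,0.99900
CVE-2024-0002,0.00100,0.30000
CVE-2024-0003,0.00070,0.22100
CVE-2024-0004,0.55000,0.97500
"""


@dataclass
class Finding:
    """Hypothetical scanner output: CVSS base score and CISA KEV flag."""
    cve: str
    cvss: float
    kev: bool


# Constructed inventory (made up for illustration).
SAMPLE_FINDINGS = [
    Finding("CVE-2024-0001", 7.5, False),
    Finding("CVE-2024-0002", 9.8, False),
    Finding("CVE-2024-0003", 4.3, False),
    Finding("CVE-2024-0004", 6.5, True),
    Finding("CVE-2024-9999", 8.1, False),   # not (yet) scored by EPSS
]


def parse_epss_csv(text):
    """Return {cve: (probability, percentile)} from EPSS CSV text.

    Lines starting with '#' carry the model version and score date and
    are skipped; what remains is a normal CSV with a header row.
    """
    rows = [ln for ln in text.splitlines() if ln and not ln.startswith("#")]
    reader = csv.DictReader(io.StringIO("\n".join(rows)))
    return {r["cve"]: (float(r["epss"]), float(r["percentile"])) for r in reader}


def prioritise(findings, epss, epss_floor=0.1):
    """Rank findings: KEV-listed first, then EPSS probability, then CVSS.

    A CVE absent from the EPSS feed gets probability 0.0 but is flagged
    'unscored' so it is reviewed by hand rather than silently buried.
    """
    ranked = []
    for f in findings:
        prob, pct = epss.get(f.cve, (0.0, 0.0))
        ranked.append({
            "cve": f.cve, "cvss": f.cvss, "kev": f.kev,
            "epss": prob, "percentile": pct,
            "unscored": f.cve not in epss,
            "urgent": f.kev or prob >= epss_floor,
        })
    ranked.sort(key=lambda r: (r["kev"], r["epss"], r["cvss"]), reverse=True)
    return ranked


def summarise(epss, high=0.5):
    """Headline numbers a dashboard shows over an EPSS feed."""
    scores = [p for p, _ in epss.values()]
    return {
        "cves_with_epss": len(scores),
        "epss_over_high": sum(1 for p in scores if p > high),
        "avg_epss": sum(scores) / len(scores) if scores else 0.0,
    }


if __name__ == "__main__":
    table = parse_epss_csv(SAMPLE_EPSS_CSV)
    for row in prioritise(SAMPLE_FINDINGS, table):
        print(row)
    print(summarise(table))
```

With the sample data the CVSS 9.8 finding lands third, below the KEV-listed CVE and the CVSS 7.5 one with a 94% EPSS, which is exactly the reordering the text argues for; the unscored CVE-2024-9999 lands last but carries the `unscored` flag so a reviewer sees that its position reflects missing data, not low risk.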

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.

Start Monitoring Free