Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID          EPSS    Pctile  CVSS  Flags  Summary
401   CVE-2024-55968  10.72%  93.2    8.8   -      This vulnerability allows unauthorized local attackers to escalate privileges to root on macOS syste
402   CVE-2025-53558  10.71%  93.2    8.8   -      ZTE Japan's ZXHN-F660T and ZXHN-F660A routers use a hardcoded credential shared across all installat
403   CVE-2025-21380  10.63%  93.1    8.8   -      This vulnerability allows authenticated attackers to bypass access controls in Azure SaaS Resources,
404   CVE-2025-7775   10.62%  93.1    9.8   KEV    A memory overflow vulnerability in NetScaler ADC and NetScaler Gateway allows remote attackers to ex
405   CVE-2025-52665  10.56%  93.1    10.0  -      An authentication bypass vulnerability in UniFi Access door control software allows attackers on the
406   CVE-2025-26264  10.53%  93.1    8.8   -      GeoVision GV-ASWeb versions 6.1.2.0 and below contain an authenticated remote code execution vulnera
407   CVE-2025-66744  10.48%  93.1    7.5   -      This vulnerability in Yonyou YonBIP allows attackers to bypass normal directory restrictions via pat
408   CVE-2024-54085  10.47%  93.1    9.8   KEV    CVE-2024-54085 is a critical authentication bypass vulnerability in AMI's SPx BMC firmware that allo
409   CVE-2025-32724  10.43%  93.1    7.5   -      This vulnerability allows an unauthorized attacker to cause a denial of service (DoS) in Windows LSA
410   CVE-2025-58443  10.24%  93      9.1   -      This CVE describes an authentication bypass vulnerability in FOG Project versions 1.5.10.1673 and be
411   CVE-2025-2636   10.16%  92.9    9.8   -      This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on Wo
412   CVE-2025-44136  10.02%  92.9    9.8   -      CVE-2025-44136 is a reflected cross-site scripting vulnerability in MapTiler Tileserver-php where th
413   CVE-2025-28367  10%     92.9    6.5   -      CVE-2025-28367 is a directory traversal vulnerability in mojoPortal's BetterImageGallery API Control
414   CVE-2025-23369  9.97%   92.9    8.8   -      This vulnerability allows unauthorized internal users to spoof cryptographic signatures in GitHub En
415   CVE-2025-61489  9.92%   92.8    6.5   -      A command injection vulnerability in sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary
416   CVE-2025-21343  9.88%   92.8    7.5   -      This vulnerability in Windows Web Threat Defense User Service allows attackers to read sensitive inf
417   CVE-2024-6159   9.84%   92.8    9.8   -      This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress s
418   CVE-2025-64128  9.8%    92.8    10.0  -      An OS command injection vulnerability (CWE-78) allows unauthenticated attackers to execute arbitrary
419   CVE-2025-64127  9.8%    92.8    10.0  -      This critical vulnerability allows unauthenticated remote attackers to execute arbitrary operating s
420   CVE-2025-64126  9.8%    92.8    10.0  -      This critical OS command injection vulnerability allows unauthenticated attackers to execute arbitra
421   CVE-2025-53690  9.76%   92.8    9.0   KEV    This CVE describes a deserialization vulnerability in Sitecore Experience Manager (XM) and Experienc
422   CVE-2025-33068  9.71%   92.7    7.5   -      This vulnerability in Windows Standards-Based Storage Management Service allows unauthorized attacke
423   CVE-2025-52694  9.71%   92.7    10.0  -      This critical SQL injection vulnerability allows unauthenticated attackers to execute arbitrary SQL
424   CVE-2025-1639   9.64%   92.7    8.8   -      The Animation Addons for Elementor Pro WordPress plugin has a vulnerability that allows authenticate
425   CVE-2025-60687  9.6%    92.7    6.5   -      An unauthenticated command injection vulnerability in ToToLink LR1200GB routers allows attackers to
426   CVE-2025-53722  9.54%   92.7    7.5   -      This vulnerability allows an unauthorized attacker to cause a denial-of-service condition in Windows
427   CVE-2025-68926  9.47%   92.6    9.8   -      This vulnerability allows attackers to bypass authentication in RustFS by using a hardcoded static t
428   CVE-2024-54764  9.47%   92.6    6.5   -      An unauthenticated access control vulnerability in ipTIME A2004 routers allows attackers to access s
429   CVE-2024-20150  9.34%   92.6    7.5   -      This vulnerability in MediaTek modem firmware allows remote attackers to cause a system crash (denia
430   CVE-2026-24423  9.22%   92.5    9.8   KEV    This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands o
431   CVE-2025-28145  9.17%   92.5    6.5   -      This CVE describes a command injection vulnerability in Edimax AC1200 routers that allows attackers
432   CVE-2025-28143  9.17%   92.5    6.5   -      This CVE describes a command injection vulnerability in Edimax AC1200 routers that allows authentica
433   CVE-2025-6770   9.17%   92.5    7.2   -      CVE-2025-6770 is an OS command injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that
434   CVE-2024-23733  9.17%   92.5    7.5   -      This vulnerability allows remote attackers to bypass authentication on Software AG webMethods Integr
435   CVE-2024-54804  9.13%   92.5    9.8   -      This vulnerability allows remote attackers to execute arbitrary commands on Netgear WNR854T routers
436   CVE-2025-56799  8.93%   92.4    6.5   -      The Reolink desktop application version 8.18.12 contains a command injection vulnerability in its sc
437   CVE-2025-6204   8.82%   92.3    8.0   KEV    This CVE describes a code injection vulnerability in DELMIA Apriso manufacturing software that allow
438   CVE-2025-55190  8.75%   92.3    9.9   -      This CVE allows API tokens with project-level permissions in Argo CD to retrieve sensitive repositor
439   CVE-2025-61932  8.68%   92.3    9.8   KEV    CVE-2025-61932 is a critical vulnerability in Lanscope Endpoint Manager (On-Premises) that allows un
440   CVE-2024-56289  8.51%   92.2    7.1   -      This is a reflected cross-site scripting (XSS) vulnerability in the Groundhogg WordPress plugin that
441   CVE-2024-57040  8.5%    92.2    9.8   -      This vulnerability involves hardcoded root passwords in specific TP-Link router firmware versions, a
442   CVE-2025-11953  8.45%   92.1    9.8   KEV    CVE-2025-11953 is a critical OS command injection vulnerability in the React Native Community CLI's
443   CVE-2025-21418  8.43%   92.1    7.8   KEV    This vulnerability in Windows Ancillary Function Driver for WinSock allows attackers to gain SYSTEM-
444   CVE-2024-57539  8.35%   92.1    8.2   -      This CVE describes a command injection vulnerability in Linksys E8450 routers where an attacker can
445   CVE-2024-13091  8.32%   92.1    9.8   -      The WPBot Pro WordPress Chatbot plugin has a critical vulnerability allowing unauthenticated attacke
446   CVE-2024-53345  8.3%    92.1    8.8   -      An authenticated arbitrary file upload vulnerability in Car Rental Management System versions 1.0 th
447   CVE-2026-20805  8.2%    92      5.5   KEV    This vulnerability in Desktop Windows Manager allows an authorized attacker with local access to dis
448   CVE-2025-30220  8.18%   92      9.9   -      This XXE vulnerability in GeoServer's GeoTools Schema class allows attackers to read arbitrary files
449   CVE-2025-36845  8.13%   92      8.6   -      This Server-Side Request Forgery (SSRF) vulnerability in Eveo URVE Web Manager allows attackers to m
450   CVE-2025-26633  8.06%   91.9    7.0   KEV    CVE-2025-26633 is a security feature bypass vulnerability in Microsoft Management Console (MMC) that

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: with thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
