Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 401 | CVE-2025-29783 | | 81.9th | 9.0 | | CVE-2025-29783 is a remote code execution vulnerability in vLLM when configured with Mooncake for di |
| 402 | CVE-2024-52325 | | 81.9th | 9.6 | | ECOVACS robot lawnmowers and vacuums are vulnerable to unauthenticated command injection via Bluetoo |
| 403 | CVE-2025-47733 | | 81.9th | 9.1 | | This Server-Side Request Forgery (SSRF) vulnerability in Microsoft Power Apps allows attackers to ma |
| 404 | CVE-2025-52562 | | 81.8th | 10.0 | | This is a critical directory traversal vulnerability in Convoy KVM server management panel that allo |
| 405 | CVE-2025-0756 | | 81.7th | 9.1 | | This vulnerability in Hitachi Vantara Pentaho Data Integration & Analytics allows attackers to injec |
| 406 | CVE-2025-57174 | | 81.7th | 9.8 | | This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on Siklu Et |
| 407 | CVE-2025-8769 | | 81.7th | 9.8 | | CVE-2025-8769 is a critical remote code execution vulnerability in Telenium Online Web Application. |
| 408 | CVE-2026-0768 | | 81.7th | 9.8 | | CVE-2026-0768 is a critical remote code execution vulnerability in Langflow that allows unauthentica |
| 409 | CVE-2026-0761 | | 81.7th | 9.8 | | This critical vulnerability allows unauthenticated remote attackers to execute arbitrary Python code |
| 410 | CVE-2025-27407 | | 81.6th | 9.0 | | This vulnerability in graphql-ruby allows remote code execution when loading malicious schema defini |
| 411 | CVE-2018-25115 | | 81.6th | 9.8 | | This CVE describes an unauthenticated remote command execution vulnerability in multiple D-Link DIR- |
| 412 | CVE-2025-30282 | | 81.5th | 9.1 | | This CVE describes an improper authentication vulnerability in Adobe ColdFusion that allows high-pri |
| 413 | CVE-2025-45988 | | 81.4th | 9.8 | | This CVE describes multiple command injection vulnerabilities in Blink routers where attackers can e |
| 414 | CVE-2025-45986 | | 81.4th | 9.8 | | This CVE describes a command injection vulnerability in multiple Blink router models that allows att |
| 415 | CVE-2025-45984 | | 81.4th | 9.8 | | This CVE describes a command injection vulnerability in multiple Blink router models via the routepw |
| 416 | CVE-2024-53924 | | 81.4th | 9.8 | | Pycel versions up to 1.0b30 allow remote code execution when processing untrusted Excel spreadsheets |
| 417 | CVE-2023-54327 | | 81.4th | 9.8 | | CVE-2023-54327 is an authentication bypass vulnerability in Tinycontrol LAN Controller 1.58a that al |
| 418 | CVE-2025-25014 | | 81.4th | 9.1 | | A prototype pollution vulnerability in Kibana allows attackers to execute arbitrary code by sending |
| 419 | CVE-2025-0316 | | 81.3th | 9.8 | | The WP Directorybox Manager plugin for WordPress has an authentication bypass vulnerability that all |
| 420 | CVE-2025-22398 | | 81.3th | 9.8 | | This critical vulnerability allows unauthenticated remote attackers to execute arbitrary operating s |
| 421 | CVE-2024-12044 | | 81.2th | 9.8 | | This critical vulnerability allows remote code execution in open-mmlab/mmdetection v3.3.0 through un |
| 422 | CVE-2024-13725 | | 81.2th | 9.8 | | The Keap Official Opt-in Forms WordPress plugin has a Local File Inclusion vulnerability that allows |
| 423 | CVE-2026-0773 | | 81.1th | 9.8 | | CVE-2026-0773 is a critical remote code execution vulnerability in Upsonic's Cloudpickle deserializa |
| 424 | CVE-2026-0764 | | 81.1th | 9.8 | | CVE-2026-0764 is a critical deserialization vulnerability in GPT Academic's upload endpoint that all |
| 425 | CVE-2026-0763 | | 81.1th | 9.8 | | CVE-2026-0763 is a critical deserialization vulnerability in GPT Academic's run_in_subprocess_wrappe |
| 426 | CVE-2026-0760 | | 81.1th | 9.8 | | CVE-2026-0760 is a critical remote code execution vulnerability in Foundation Agents MetaGPT's deser |
| 427 | CVE-2025-2263 | | 81.0th | 9.8 | | This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Sante PACS S |
| 428 | CVE-2025-4603 | | 81.0th | 9.1 | | The eMagicOne Store Manager for WooCommerce WordPress plugin has an arbitrary file deletion vulnerab |
| 429 | CVE-2025-2505 | | 81.0th | 9.8 | | The Age Gate WordPress plugin contains a Local File Inclusion vulnerability that allows unauthentica |
| 430 | CVE-2025-46347 | | 80.9th | 9.8 | | YesWiki versions before 4.5.4 contain a remote code execution vulnerability that allows attackers to |
| 431 | CVE-2025-29926 | | 80.8th | 9.8 | | This vulnerability allows any user to exploit the WikiManager REST API in XWiki Platform to create a |
| 432 | CVE-2025-44071 | | 80.7th | 9.8 | | SeaCMS v13.3 contains a remote code execution vulnerability in phomebak.php that allows attackers to |
| 433 | CVE-2026-1499 | | 80.6th | 9.8 | | The WP Duplicate plugin for WordPress has a critical vulnerability that allows authenticated attacke |
| 434 | CVE-2025-0855 | | 80.6th | 9.8 | | The PGS Core WordPress plugin is vulnerable to PHP Object Injection via insecure deserialization in |
| 435 | CVE-2024-55371 | | 80.6th | 9.8 | | Wallos versions up to 2.38.2 contain a file upload vulnerability in the restore backup function that |
| 436 | CVE-2022-50794 | | 80.5th | 9.8 | | This vulnerability allows unauthenticated attackers to execute arbitrary system commands on SOUND4 I |
| 437 | CVE-2025-2005 | | 80.5th | 9.8 | | The Front End Users WordPress plugin allows unauthenticated attackers to upload arbitrary files thro |
| 438 | CVE-2024-54806 | | 80.4th | 9.8 | | CVE-2024-54806 allows remote attackers to execute arbitrary system commands on Netgear WNR854T route |
| 439 | CVE-2022-50691 | | 80.4th | 9.8 | | CVE-2022-50691 is a critical remote command execution vulnerability in MiniDVBLinux 5.4 that allows |
| 440 | CVE-2023-53914 | | 80.4th | 9.8 | | CVE-2023-53914 is an authentication bypass vulnerability in UliCMS 2023.1 that allows unauthenticate |
| 441 | CVE-2025-25744 | | 80.3th | 9.8 | | This vulnerability allows remote attackers to execute arbitrary code on D-Link DIR-853 A1 routers by |
| 442 | CVE-2024-10215 | | 80.3th | 9.8 | | The WPBookit WordPress plugin vulnerability allows unauthenticated attackers to change any user's pa |
| 443 | CVE-2024-39784 | | 80.3th | 9.1 | | This CVE describes multiple command injection vulnerabilities in the Wavlink AC3000 router's nas.cgi |
| 444 | CVE-2024-39764 | | 80.3th | 9.1 | | This CVE describes multiple OS command injection vulnerabilities in Wavlink AC3000 routers that allo |
| 445 | CVE-2024-39762 | | 80.3th | 9.1 | | This CVE describes multiple OS command injection vulnerabilities in the Wavlink AC3000 router's inte |
| 446 | CVE-2024-39794 | | 80.3th | 9.1 | | This vulnerability allows authenticated attackers to bypass permissions and inject configuration com |
| 447 | CVE-2024-39790 | | 80.3th | 9.1 | | This vulnerability allows authenticated attackers to bypass permissions and inject configuration par |
| 448 | CVE-2024-39788 | | 80.3th | 9.1 | | This vulnerability allows authenticated attackers to bypass permissions and inject malicious configu |
| 449 | CVE-2024-34544 | | 80.3th | 9.1 | | This CVE describes a command injection vulnerability in the Wavlink AC3000 router's wireless.cgi Add |
| 450 | CVE-2024-10190 | | 80.2th | 9.8 | | Horovod versions up to v0.28.1 are vulnerable to unauthenticated remote code execution via malicious |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.