Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in the CISA KEV catalog
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary |
|---|---|---|---|---|---|
| 401 | CVE-2025-13797 | 0.56% | 67.7 | 6.3 | This CVE describes a command injection vulnerability in the ADSLR B-QE2W401 device's web interface. |
| 402 | CVE-2025-2551 | 0.56% | 67.7 | 4.3 | This vulnerability in D-Link DIR-618 and DIR-605L routers allows attackers with local network access |
| 403 | CVE-2025-29961 | 0.56% | 67.6 | 6.5 | An out-of-bounds read vulnerability in Windows Routing and Remote Access Service (RRAS) allows unaut |
| 404 | CVE-2026-1327 | 0.55% | 67.5 | 6.3 | This CVE describes a remote command injection vulnerability in Totolink NR1800X routers. Attackers c |
| 405 | CVE-2025-0292 | 0.55% | 67.4 | 5.5 | This SSRF vulnerability in Ivanti Connect Secure and Policy Secure allows authenticated administrato |
| 406 | CVE-2025-29955 | 0.55% | 67.4 | 6.2 | An improper input validation vulnerability in Windows Hyper-V allows local attackers to cause denial |
| 407 | CVE-2026-21859 | 0.55% | 67.4 | 5.8 | Mailpit versions 1.28.0 and below have a Server-Side Request Forgery (SSRF) vulnerability in the /pr |
| 408 | CVE-2025-21301 | 0.55% | 67.3 | 6.5 | This vulnerability in Windows Geolocation Service allows unauthorized access to location information |
| 409 | CVE-2024-56196 | 0.55% | 67.2 | 6.3 | Apache Traffic Server versions 10.0.0 through 10.0.3 contain an improper access control vulnerabilit |
| 410 | CVE-2025-29985 | 0.54% | 67.1 | 6.5 | Dell Common Event Enabler version 9.0.0.0 contains an insecure default configuration vulnerability i |
| 411 | CVE-2025-30672 | 0.54% | 67.1 | 6.5 | Mite for Perl before version 0.013000 includes the current working directory ('.') in Perl's @INC mo |
| 412 | CVE-2025-1934 | 0.54% | 67.0 | 6.5 | This vulnerability allows an attacker to interrupt RegExp bailout processing and execute additional |
| 413 | CVE-2025-2337 | 0.54% | 66.9 | 6.3 | A critical heap-based buffer overflow vulnerability in matio library versions 1.5.28 allows remote a |
| 414 | CVE-2024-32115 | 0.53% | 66.8 | 5.5 | A relative path traversal vulnerability in Fortinet FortiManager allows privileged attackers to dele |
| 415 | CVE-2024-57170 | 0.53% | 66.6 | 6.5 | SOPlanning 1.53.00 has a directory traversal vulnerability in the upload.php file that allows authen |
| 416 | CVE-2025-31724 | 0.53% | 66.6 | 4.3 | The Jenkins Cadence vManager Plugin stores Verisium Manager vAPI keys unencrypted in job configurati |
| 417 | CVE-2024-12243 | 0.53% | 66.5 | 5.3 | This vulnerability in GnuTLS (via libtasn1) allows remote attackers to cause denial-of-service by se |
| 418 | CVE-2024-13426 | 0.52% | 66.4 | 5.4 | The WP-Polls WordPress plugin up to version 2.77.2 contains an SQL injection vulnerability via cooki |
| 419 | CVE-2024-12299 | 0.52% | 66.3 | 6.1 | The System Dashboard WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability |
| 420 | CVE-2024-13706 | 0.52% | 66.3 | 6.1 | The WP Image Uploader WordPress plugin contains a reflected cross-site scripting vulnerability that |
| 421 | CVE-2024-13711 | 0.52% | 66.3 | 6.1 | The Pollin WordPress plugin has a reflected cross-site scripting vulnerability in all versions up to |
| 422 | CVE-2024-13508 | 0.52% | 66.3 | 6.1 | This vulnerability allows unauthenticated attackers to inject malicious scripts via the locale param |
| 423 | CVE-2024-13867 | 0.52% | 66.3 | 6.1 | This vulnerability allows unauthenticated attackers to inject malicious scripts via the 's' paramete |
| 424 | CVE-2024-9217 | 0.52% | 66.3 | 6.1 | The Currency Switcher for WooCommerce WordPress plugin contains a reflected cross-site scripting (XS |
| 425 | CVE-2025-10210 | 0.52% | 66.3 | 6.3 | This CVE describes a SQL injection vulnerability in ChanCMS up to version 3.3.0, specifically in the |
| 426 | CVE-2024-43709 | 0.52% | 66.2 | 6.5 | This vulnerability in Elasticsearch allows attackers to cause a denial of service by sending special |
| 427 | CVE-2025-31360 | 0.52% | 66.1 | 6.5 | Unauthenticated attackers can trigger device actions associated with specific 'scenes' of arbitrary |
| 428 | CVE-2025-27561 | 0.52% | 66.1 | 5.3 | Unauthenticated attackers can rename rooms belonging to arbitrary users in affected systems. This au |
| 429 | CVE-2024-13378 | 0.52% | 66.1 | 5.4 | The Gravity Forms WordPress plugin has a stored XSS vulnerability that allows unauthenticated attack |
| 430 | CVE-2025-20187 | 0.51% | 66.0 | 6.5 | This vulnerability in Cisco Catalyst SD-WAN Manager allows authenticated remote attackers to write a |
| 431 | CVE-2025-2127 | 0.51% | 65.9 | 4.3 | This vulnerability allows attackers to inject malicious scripts via the Itemid/jp_yearbuilt paramete |
| 432 | CVE-2025-20644 | 0.51% | 65.8 | 6.5 | This vulnerability in MediaTek modems allows memory corruption due to incorrect error handling when |
| 433 | CVE-2025-29049 | 0.5% | 65.5 | 6.3 | A Cross-Site Scripting (XSS) vulnerability in arnog MathLive versions v0.103.0 and earlier allows at |
| 434 | CVE-2025-5139 | 0.5% | 65.6 | 5.6 | This critical vulnerability in Qualitor 8.20/8.24 allows remote attackers to execute arbitrary comma |
| 435 | CVE-2023-7321 | 0.5% | 65.6 | 5.4 | Nagios Log Server versions before 2.1.14 contain a stored cross-site scripting vulnerability in the |
| 436 | CVE-2023-7319 | 0.5% | 65.6 | 5.4 | Nagios Network Analyzer versions before 2024R1 contain a cross-site scripting vulnerability in the P |
| 437 | CVE-2022-50588 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the update ch |
| 438 | CVE-2022-50587 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the Apply Con |
| 439 | CVE-2022-50586 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.9 contain a stored cross-site scripting vulnerability in the BPI compo |
| 440 | CVE-2022-50585 | 0.5% | 65.6 | 5.4 | This cross-site scripting (XSS) vulnerability in Nagios XI's Core Config Manager allows attackers to |
| 441 | CVE-2022-50584 | 0.5% | 65.6 | 5.4 | This cross-site scripting (XSS) vulnerability in Nagios XI's Core Config Manager allows attackers to |
| 442 | CVE-2021-47699 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.7 contain a cross-site scripting vulnerability in the Audit Log page's |
| 443 | CVE-2021-47697 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.0 contain a cross-site scripting vulnerability in the Views feature UR |
| 444 | CVE-2021-47696 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.0 contain a cross-site scripting vulnerability in BPI config ID handli |
| 445 | CVE-2021-47695 | 0.5% | 65.6 | 5.4 | Nagios XI versions before 5.8.0 contain a stored cross-site scripting (XSS) vulnerability in the My |
| 446 | CVE-2021-47691 | 0.5% | 65.6 | 5.4 | This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Nagios XI's Core Config Ma |
| 447 | CVE-2021-47690 | 0.5% | 65.6 | 5.4 | This cross-site scripting vulnerability in Nagios XI's Core Config Manager allows attackers to injec |
| 448 | CVE-2020-36866 | 0.5% | 65.6 | 5.4 | This cross-site scripting (XSS) vulnerability in Nagios XI allows attackers to inject malicious scri |
| 449 | CVE-2020-36865 | 0.5% | 65.6 | 5.4 | This cross-site scripting vulnerability in Nagios XI allows attackers to inject malicious scripts in |
| 450 | CVE-2020-36861 | 0.5% | 65.6 | 5.4 | This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Nagios XI's Core Config Ma |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
