Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary |
|---|---|---|---|---|---|
| 4501 | CVE-2025-22287 | 0.07% | 21.6th | 5.4 | This CVE describes a Missing Authorization vulnerability in the Eniture Technology LTL Freight Quote |
| 4502 | CVE-2025-26920 | 0.07% | 21.6th | 5.4 | This CVE describes a missing authorization vulnerability in the Customify WordPress theme that allow |
| 4503 | CVE-2025-48246 | 0.07% | 21.6th | 5.4 | This CVE describes a Missing Authorization vulnerability in The Events Calendar WordPress plugin tha |
| 4504 | CVE-2025-47602 | 0.07% | 21.6th | 5.4 | This CVE describes a Missing Authorization vulnerability in the Calculate Prices based on Distance F |
| 4505 | CVE-2025-47480 | 0.07% | 21.6th | 5.4 | This CVE describes a Missing Authorization vulnerability in the Graphina WordPress plugin that allow |
| 4506 | CVE-2025-47472 | 0.07% | 21.6th | 5.4 | This CVE describes a Missing Authorization vulnerability in the Music Player for WooCommerce WordPre |
| 4507 | CVE-2025-20976 | 0.07% | 21.6th | 5.5 | An out-of-bounds read vulnerability in Samsung Notes allows attackers to read memory beyond intended |
| 4508 | CVE-2025-49178 | 0.07% | 21.6th | 5.5 | This vulnerability in the X server allows a malicious client to send specially crafted requests with |
| 4509 | CVE-2025-7759 | 0.07% | 21.5th | 6.3 | CVE-2025-7759 is a Server-Side Request Forgery (SSRF) vulnerability in thinkgem JeeSite's UEdit |
| 4510 | CVE-2025-50101 | 0.07% | 21.7th | 4.9 | A vulnerability in MySQL Server's optimizer component allows authenticated high-privilege attackers |
| 4511 | CVE-2025-50099 | 0.07% | 21.7th | 4.9 | This vulnerability in MySQL Server's InnoDB component allows authenticated high-privilege attackers |
| 4512 | CVE-2025-50092 | 0.07% | 21.7th | 4.9 | This vulnerability in MySQL Server's InnoDB component allows high-privileged attackers with network |
| 4513 | CVE-2025-50088 | 0.07% | 21.7th | 4.9 | This vulnerability in Oracle MySQL's InnoDB component allows authenticated high-privileged attackers |
| 4514 | CVE-2025-50079 | 0.07% | 21.7th | 4.9 | This vulnerability in MySQL Server's optimizer component allows authenticated high-privilege attacke |
| 4515 | CVE-2025-50077 | 0.07% | 21.7th | 4.9 | This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers |
| 4516 | CVE-2025-6786 | 0.07% | 21.6th | 5.3 | The DocCheck Login WordPress plugin versions up to 1.1.5 contain an authentication bypass vulnerabil |
| 4517 | CVE-2025-52554 | 0.07% | 21.5th | 4.3 | This CVE describes an authorization vulnerability in n8n workflow automation platform where authenti |
| 4518 | CVE-2025-45512 | 0.07% | 21.6th | 6.5 | This vulnerability in U-Boot v1.1.3 allows attackers to bypass signature verification during firmwar |
| 4519 | CVE-2025-60100 | 0.07% | 21.6th | 5.3 | This Cross-Site Scripting (XSS) vulnerability in the XStore WordPress theme allows attackers to inje |
| 4520 | CVE-2025-56304 | 0.07% | 21.5th | 6.1 | This cross-site scripting (XSS) vulnerability in YzmCMS allows attackers to inject malicious scripts |
| 4521 | CVE-2025-59573 | 0.07% | 21.6th | 5.3 | This vulnerability allows attackers to inject malicious scripts into web pages using the Cozy Blocks |
| 4522 | CVE-2025-57928 | 0.07% | 21.6th | 5.3 | This Cross-Site Scripting (XSS) vulnerability in the AWP Classifieds WordPress plugin allows attacke |
| 4523 | CVE-2025-42926 | 0.07% | 21.7th | 5.3 | SAP NetWeaver Application Server Java has an authentication bypass vulnerability that allows unauthe |
| 4524 | CVE-2025-10003 | 0.07% | 21.7th | 6.5 | This vulnerability allows unauthenticated attackers to perform time-based SQL injection attacks agai |
| 4525 | CVE-2025-25252 | 0.07% | 21.6th | 4.8 | This vulnerability allows attackers with access to SAML session records to re-open terminated sessio |
| 4526 | CVE-2025-62364 | 0.07% | 21.7th | 6.2 | This Local File Inclusion vulnerability in text-generation-webui allows unauthenticated attackers to |
| 4527 | CVE-2025-35060 | 0.07% | 21.7th | 5.5 | Newforma Info Exchange (NIX) has a cross-site scripting (XSS) vulnerability in its 'Send a File Tran |
| 4528 | CVE-2025-57697 | 0.07% | 21.6th | 6.5 | AstrBot Project v3.5.22 contains an arbitrary file read vulnerability in the _encode_image_bs64 func |
| 4529 | CVE-2025-57275 | 0.07% | 21.5th | 5.5 | CVE-2025-57275 is a buffer overflow vulnerability in the NVMe-oF target component of SPDK 25.05 that |
| 4530 | CVE-2025-36092 | 0.07% | 21.6th | 6.5 | This vulnerability in IBM Cloud Pak for Business Automation allows authenticated users to cause deni |
| 4531 | CVE-2025-45663 | 0.07% | 21.6th | 6.5 | CVE-2025-45663 is a memory corruption vulnerability in NetSurf browser v3.11 where uninitialized hea |
| 4532 | CVE-2025-68142 | 0.07% | 21.7th | 5.3 | PyMdown Extensions versions before 10.16.1 contain a ReDoS vulnerability in the figure caption exten |
| 4533 | CVE-2025-36015 | 0.07% | 21.6th | 6.5 | This vulnerability in IBM Controller and Cognos Controller allows authenticated users to cause denia |
| 4534 | CVE-2025-20389 | 0.07% | 21.6th | 4.3 | A low-privileged user without admin or power roles can craft a malicious payload in the label column |
| 4535 | CVE-2025-66302 | 0.07% | 21.7th | 6.8 | Grav CMS versions before 1.8.0-beta.27 contain a path traversal vulnerability in the backup tool tha |
| 4536 | CVE-2025-38104 | 0.07% | 21.6th | 4.7 | This CVE describes a priority inversion vulnerability in the Linux kernel's AMD GPU driver (amdgpu) |
| 4537 | CVE-2025-23044 | 0.07% | 21.2th | 6.8 | PwnDoc lacks CSRF protection, allowing attackers to perform actions on behalf of logged-in users wit |
| 4538 | CVE-2023-46715 | 0.07% | 21.4th | 5.0 | This CVE allows authenticated IPSec VPN users with dynamic IP addressing to send spoofed packets app |
| 4539 | CVE-2025-0231 | 0.07% | 21.4th | 6.3 | This critical SQL injection vulnerability in Codezips Gym Management System 1.0 allows attackers to |
| 4540 | CVE-2025-0208 | 0.07% | 21.4th | 6.3 | CVE-2025-0208 is a critical SQL injection vulnerability in code-projects Online Shoe Store 1.0 that |
| 4541 | CVE-2024-57056 | 0.07% | 21.2th | 5.4 | WombatDialer versions before 25.02 incorrectly handle cookie sessions, writing full session identiti |
| 4542 | CVE-2024-56938 | 0.07% | 21.2th | 5.4 | LearnDash v6.7.1 contains a stored cross-site scripting (XSS) vulnerability in the materials-content |
| 4543 | CVE-2023-49780 | 0.07% | 21.3th | 6.1 | This cross-site scripting (XSS) vulnerability in acmailer CGI allows attackers to inject malicious s |
| 4544 | CVE-2025-0054 | 0.07% | 21.2th | 5.4 | SAP NetWeaver Application Server Java has a stored cross-site scripting vulnerability where attacker |
| 4545 | CVE-2025-1105 | 0.07% | 21.2th | 4.3 | This vulnerability allows attackers to inject malicious scripts into SiberianCMS 4.20.6 through the |
| 4546 | CVE-2025-20230 | 0.07% | 21.3th | 4.3 | This CVE allows low-privileged Splunk users without admin or power roles to edit and delete other us |
| 4547 | CVE-2025-0845 | 0.07% | 21.3th | 6.4 | The DesignThemes Core Features WordPress plugin has a stored cross-site scripting vulnerability in v |
| 4548 | CVE-2025-0431 | 0.07% | 21.3th | 5.8 | Enterprise Protection has a URL rewriting vulnerability that allows unauthenticated remote attackers |
| 4549 | CVE-2024-9042 | 0.07% | 21.4th | 5.9 | This CVE describes a vulnerability in Kubernetes Windows worker nodes where improper input validatio |
| 4550 | CVE-2025-25929 | 0.07% | 21.2th | 5.4 | This reflected cross-site scripting (XSS) vulnerability in OpenMRS allows attackers to inject malici |

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
