Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

Summary statistics:

- 164 CVEs with EPSS > 50%
- 156 CVEs listed in CISA KEV
- 35,468 CVEs with an EPSS score
- 0.7% average EPSS score
Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary
-----|--------|------------|------------|------|-------|--------
4651 | CVE-2025-40935 | 0.07% | 21.2th | 4.3 | | This vulnerability affects multiple Siemens RUGGEDCOM industrial networking devices running firmware
4652 | CVE-2025-14016 | 0.07% | 21.1th | 5.4 | | This vulnerability in macrozheng mall-swarm allows unauthorized deletion of user read history record
4653 | CVE-2026-0788 | 0.07% | 21.2th | 6.1 | | CVE-2026-0788 is a persistent cross-site scripting vulnerability in ALGO 8180 IP Audio Alerter devic
4654 | CVE-2026-21894 | 0.07% | 21.2th | 6.5 | | This CVE describes an authentication bypass vulnerability in n8n's Stripe Trigger node that allows u
4655 | CVE-2025-59381 | 0.07% | 21.1th | 4.9 | | A path traversal vulnerability in QNAP operating systems allows authenticated administrators to read
4656 | CVE-2025-59380 | 0.07% | 21.1th | 4.9 | | This CVE describes a path traversal vulnerability in QNAP operating systems that allows authenticate
4657 | CVE-2026-1739 | 0.07% | 21.2th | 5.3 | | A null pointer dereference vulnerability in Free5GC's Policy Control Function (PCF) allows remote at
4658 | CVE-2024-53933 | 0.07% | 20.9th | 6.3 | | This vulnerability allows any Android application without permissions to place phone calls without u
4659 | CVE-2024-49385 | 0.07% | 20.9th | 5.5 | | This vulnerability allows local attackers to access sensitive information due to insecure folder per
4660 | CVE-2022-49624 | 0.07% | 20.8th | 5.5 | | This vulnerability in the Linux kernel's Atlantic network driver causes a system hang when resuming
4661 | CVE-2022-49458 | 0.07% | 20.8th | 5.5 | | A race condition vulnerability in the Linux kernel's MSM DRM driver where msm_drm_uninit() could att
4662 | CVE-2022-49356 | 0.07% | 20.8th | 5.5 | | This CVE addresses a buffer overflow vulnerability in the Linux kernel's SUNRPC RDMA implementation.
4663 | CVE-2022-49195 | 0.07% | 20.8th | 5.5 | | A NULL pointer dereference vulnerability in the Linux kernel's DSA (Distributed Switch Architecture)
4664 | CVE-2022-49169 | 0.07% | 20.8th | 5.5 | | This CVE describes a race condition deadlock vulnerability in the Linux kernel's F2FS filesystem. Wh
4665 | CVE-2024-57967 | 0.07% | 20.8th | 4.2 | | This vulnerability in CyberArk's Password Vault Web Access (PVWA) allows potential privilege escalat
4666 | CVE-2025-30566 | 0.07% | 21th | 6.5 | | This DOM-based Cross-Site Scripting (XSS) vulnerability in the Clink WordPress plugin allows attacke
4667 | CVE-2024-6844 | 0.07% | 20.9th | 5.3 | | This vulnerability in flask-cors 4.0.1 causes inconsistent CORS policy matching due to improper URL
4668 | CVE-2024-10725 | 0.07% | 20.9th | 5.4 | | A stored cross-site scripting (XSS) vulnerability in phpipam version 1.5.2 allows attackers to injec
4669 | CVE-2024-10366 | 0.07% | 21th | 6.5 | | This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in LibreChat's delete at
4670 | CVE-2025-24856 | 0.07% | 20.9th | 4.2 | | This vulnerability in TYPO3's OpenID Connect extension allows account takeover through pre-hijacking
4671 | CVE-2025-25363 | 0.07% | 20.8th | 6.5 | | An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mai
4672 | CVE-2025-1386 | 0.07% | 20.7th | 4.9 | | This vulnerability in the ch-go library allows an attacker to inject malicious query packets into Cl
4673 | CVE-2025-48948 | 0.07% | 20.9th | 6.5 | | CVE-2025-48948 is an authorization bypass vulnerability in Navidrome music server where authenticate
4674 | CVE-2025-4514 | 0.07% | 20.9th | 6.3 | | This is a critical SQL injection vulnerability in mayicms up to version 5.8E that allows remote atta
4675 | CVE-2025-47688 | 0.07% | 20.8th | 5.3 | | This CVE describes a missing authorization vulnerability in the Advanced File Manager WordPress plug
4676 | CVE-2025-7787 | 0.07% | 20.9th | 6.3 | | This critical Server-Side Request Forgery (SSRF) vulnerability in Xuxueli xxl-job allows attackers t
4677 | CVE-2025-45582 | 0.07% | 21th | 4.1 | | GNU Tar through version 1.35 contains a directory traversal vulnerability that allows file overwrite
4678 | CVE-2025-48818 | 0.07% | 20.9th | 6.8 | | A Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in Windows BitLocker allows an att
4679 | CVE-2025-8562 | 0.07% | 20.9th | 6.5 | | The Custom Query Shortcode WordPress plugin contains a path traversal vulnerability that allows auth
4680 | CVE-2025-55674 | 0.07% | 20.7th | 6.5 | | This vulnerability allows attackers to bypass Apache Superset's DISALLOWED_SQL_FUNCTIONS security fe
4681 | CVE-2025-8522 | 0.07% | 20.8th | 5.0 | | This critical vulnerability in Vvvebjs allows remote attackers to perform path traversal attacks via
4682 | CVE-2025-57769 | 0.07% | 20.8th | 6.1 | | FreshRSS versions 1.26.3 and below contain a UI redressing vulnerability where attackers can trick a
4683 | CVE-2025-56807 | 0.07% | 20.8th | 6.1 | | This cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate Project Manager & CRM allo
4684 | CVE-2025-59547 | 0.07% | 20.8th | 5.3 | | This vulnerability in DNN CMS allows attackers to upload files with Unicode characters that get tran
4685 | CVE-2025-10389 | 0.07% | 20.9th | 5.4 | | This vulnerability in CRMEB allows attackers to manipulate administrator password reset functionalit
4686 | CVE-2025-61413 | 0.07% | 20.7th | 6.1 | | A stored cross-site scripting vulnerability in Piranha CMS v12.0 allows authenticated attackers to i
4687 | CVE-2025-55039 | 0.07% | 20.8th | 6.5 | | Apache Spark versions before 3.4.4, 3.5.2, and 4.0.0 use an insecure default cipher (AES/CTR/NoPaddi
4688 | CVE-2025-10406 | 0.07% | 20.8th | 5.5 | | This vulnerability in the BlindMatrix e-Commerce WordPress plugin allows authenticated users (includ
4689 | CVE-2025-11636 | 0.07% | 20.8th | 5.6 | | This CVE describes a server-side request forgery (SSRF) vulnerability in Tomofun Furbo 360 pet camer
4690 | CVE-2025-60304 | 0.07% | 20.8th | 6.1 | | Simple Scheduling System 1.0 contains a stored XSS vulnerability in the Subject Description field th
4691 | CVE-2025-60302 | 0.07% | 20.8th | 6.1 | | CVE-2025-60302 is a stored cross-site scripting (XSS) vulnerability in code-projects Client Details
4692 | CVE-2025-60318 | 0.07% | 20.8th | 6.1 | | SourceCodester Pet Grooming Management Software 1.0 contains a stored XSS vulnerability in the admin
4693 | CVE-2025-0606 | 0.07% | 20.8th | 6.0 | | This CVE describes an authorization bypass vulnerability in Logo Software Inc.'s Logo Cloud platform
4694 | CVE-2025-60451 | 0.07% | 20.8th | 6.1 | | A stored XSS vulnerability in MetInfo CMS 8.0 allows attackers to upload malicious SVG files contain
4695 | CVE-2025-61087 | 0.07% | 20.8th | 6.1 | | This CVE describes a stored cross-site scripting (XSS) vulnerability in SourceCodester Pet Grooming
4696 | CVE-2025-10744 | 0.07% | 20.9th | 5.3 | | The File Manager, Code Editor, and Backup by Managefy WordPress plugin exposes sensitive information
4697 | CVE-2025-60633 | 0.07% | 20.9th | 6.5 | | A vulnerability in Free5GC versions 4.0.0 and 4.0.1 allows attackers to cause denial of service thro
4698 | CVE-2025-13102 | 0.07% | 20.8th | 4.3 | | This vulnerability allows attackers to spoof user interface elements in Google Chrome on Android by
4699 | CVE-2025-20303 | 0.07% | 20.7th | 5.4 | | This CVE describes reflected cross-site scripting (XSS) vulnerabilities in Cisco ISE and ISE-PIC web
4700 | CVE-2025-12657 | 0.07% | 20.9th | 5.0 | | MongoDB's KMIP response parser accepts malformed packets that create invalid objects, causing read a

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A vulnerability with a critical CVSS of 9.8 but an EPSS of 0.1% may be less urgent than one with a high CVSS of 7.5 and an EPSS of 90%.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
