Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary
4701 | CVE-2025-9762 | 0.25% | 47.6th | 9.8 | The Post By Email WordPress plugin allows unauthenticated attackers to upload arbitrary files due to
4702 | CVE-2025-11948 | 0.25% | 47.6th | 9.8 | CVE-2025-11948 is an unauthenticated arbitrary file upload vulnerability in Excellent Infotek's Docu
4703 | CVE-2025-12870 | 0.25% | 47.6th | 9.8 | CVE-2025-12870 is an authentication abuse vulnerability in a+HRD software developed by aEnrich that
4704 | CVE-2026-1730 | 0.25% | 47.6th | 8.8 | The OS DataHub Maps WordPress plugin has an arbitrary file upload vulnerability that allows authenti
4705 | CVE-2026-1756 | 0.25% | 47.6th | 8.8 | The WP FOFT Loader WordPress plugin has a vulnerability that allows authenticated attackers with Aut
4706 | CVE-2025-0353 | 0.25% | 47.5th | 6.4 | The Divi Torque Lite WordPress plugin has a stored cross-site scripting vulnerability that allows au
4707 | CVE-2024-49655 | 0.25% | 47.5th | 9.3 | This SQL injection vulnerability in the ARPrice WordPress plugin allows attackers to execute arbitra
4708 | CVE-2025-23042 | 0.25% | 47.5th | 7.5 | This vulnerability allows attackers to bypass Gradio's file access controls by changing the letter c
4709 | CVE-2025-21242 | 0.25% | 47.5th | 5.9 | This Windows Kerberos vulnerability allows attackers to disclose sensitive information from memory.
4710 | CVE-2024-46601 | 0.25% | 47.5th | 7.5 | A buffer overflow vulnerability in Elspec Engineering G5 Digital Fault Recorder firmware allows atta
4711 | CVE-2024-56284 | 0.25% | 47.5th | 9.3 | This SQL injection vulnerability in SSL Wireless SMS Notification plugin allows attackers to execute
4712 | CVE-2024-12158 | 0.25% | 47.5th | 5.3 | This vulnerability allows unauthenticated attackers to delete database data in the Ultimate Popup Cr
4713 | CVE-2025-26619 | 0.25% | 47.4th | 6.1 | This vulnerability allows attackers to execute arbitrary JavaScript functions through Vega's express
4714 | CVE-2024-55060 | 0.25% | 47.5th | 6.1 | This cross-site scripting (XSS) vulnerability in Rafed CMS Website v1.44 allows attackers to inject
4715 | CVE-2024-13320 | 0.25% | 47.4th | 7.5 | This SQL injection vulnerability in the CURCY WooCommerce Multi Currency plugin allows unauthenticat
4716 | CVE-2024-9618 | 0.25% | 47.5th | 6.4 | This stored XSS vulnerability in the Master Addons WordPress plugin allows authenticated attackers w
4717 | CVE-2025-1816 | 0.25% | 47.5th | 4.3 | A memory leak vulnerability in FFmpeg's IAMF file handler allows remote attackers to cause resource
4718 | CVE-2025-4451 | 0.25% | 47.5th | 8.8 | A critical buffer overflow vulnerability in D-Link DIR-619L routers allows remote attackers to execu
4719 | CVE-2025-4449 | 0.25% | 47.5th | 8.8 | A critical buffer overflow vulnerability in D-Link DIR-619L routers allows remote attackers to execu
4720 | CVE-2025-12239 | 0.25% | 47.4th | 8.8 | A remote buffer overflow vulnerability exists in TOTOLINK A3300R routers through the setDdnsCfg func
4721 | CVE-2025-62645 | 0.25% | 47.5th | 9.9 | This vulnerability allows remote authenticated attackers to obtain administrative tokens via a Graph
4722 | CVE-2021-47802 | 0.25% | 47.5th | 7.5 | This vulnerability allows remote attackers to download router configuration files without authentica
4723 | CVE-2025-4116 | 0.24% | 47.4th | 8.8 | A critical buffer overflow vulnerability in Netgear JWNR2000v2 routers allows remote attackers to ex
4724 | CVE-2025-4114 | 0.24% | 47.4th | 8.8 | A critical buffer overflow vulnerability in Netgear JWNR2000v2 routers allows remote attackers to ex
4725 | CVE-2025-25984 | 0.24% | 47.3th | 6.8 | This vulnerability in Macro-video Technologies V380E6_C1 IP cameras allows a physically proximate at
4726 | CVE-2025-29453 | 0.24% | 47.4th | 6.5 | This vulnerability in Personal Management System 1.4.65 allows remote attackers to access sensitive
4727 | CVE-2025-29454 | 0.24% | 47.4th | 6.5 | A Server-Side Request Forgery (SSRF) vulnerability in Personal Management System version 1.4.65 allo
4728 | CVE-2025-29449 | 0.24% | 47.4th | 6.5 | A Server-Side Request Forgery (SSRF) vulnerability in twonav v2.1.18-20241105 allows remote attacker
4729 | CVE-2025-26086 | 0.24% | 47.4th | 7.5 | An unauthenticated blind SQL injection vulnerability in RSI Queue Management System v3.0 allows atta
4730 | CVE-2025-8183 | 0.24% | 47.4th | 7.5 | A NULL pointer dereference vulnerability in µD3TN allows remote attackers to cause a denial-of-serv
4731 | CVE-2025-44655 | 0.24% | 47.4th | 9.8 | This vulnerability in TOTOLink routers allows attackers to bypass FTP directory restrictions due to
4732 | CVE-2025-20708 | 0.24% | 47.4th | 8.8 | This vulnerability allows remote attackers to execute arbitrary code on affected devices by exploiti
4733 | CVE-2025-55752 | 0.24% | 47.3th | 7.5 | A path traversal vulnerability in Apache Tomcat allows attackers to bypass security constraints prot
4734 | CVE-2025-54968 | 0.24% | 47.4th | 8.8 | The SOCET GXP Job Service lacks authentication requirements, allowing unauthorized job submissions.
4735 | CVE-2025-62649 | 0.24% | 47.4th | 5.8 | This vulnerability allows attackers to submit unauthorized equipment orders by bypassing server-side
4736 | CVE-2025-59250 | 0.24% | 47.3th | 8.1 | This vulnerability in the Microsoft JDBC Driver for SQL Server allows attackers to perform spoofing
4737 | CVE-2021-47900 | 0.24% | 47.4th | 9.8 | CVE-2021-47900 is a critical remote code execution vulnerability in Gila CMS that allows unauthentic
4738 | CVE-2025-0473 | 0.24% | 47.2th | 6.5 | This vulnerability in the PMB platform allows attackers to persist temporary files on the server by
4739 | CVE-2025-21215 | 0.24% | 47.2th | 4.6 | CVE-2025-21215 is a Secure Boot security feature bypass vulnerability that allows attackers with phy
4740 | CVE-2024-46480 | 0.24% | 47.3th | 8.4 | This vulnerability allows authenticated attackers with Application Administrator access in Venki Sup
4741 | CVE-2025-25462 | 0.24% | 47.3th | 5.5 | A SQL injection vulnerability in PHPGurukul Land Record System v1.0 allows remote attackers to execu
4742 | CVE-2025-27097 | 0.24% | 47.3th | 7.5 | GraphQL Mesh has a variable caching vulnerability where initial GraphQL query variables persist acro
4743 | CVE-2025-27092 | 0.24% | 47.3th | 7.5 | A path traversal vulnerability in GHOSTS version 8.0.0.0 allows attackers to read arbitrary files fr
4744 | CVE-2025-24787 | 0.24% | 47.3th | 8.6 | WhoDB versions before 0.45.0 are vulnerable to parameter injection in database connection strings, a
4745 | CVE-2024-12510 | 0.24% | 47.3th | 6.7 | This vulnerability in Xerox printers allows attackers with admin access to redirect LDAP authenticat
4746 | CVE-2025-4821 | 0.24% | 47.2th | 7.5 | CVE-2025-4821 is a vulnerability in Cloudflare's quiche QUIC library that allows unauthenticated rem
4747 | CVE-2025-7847 | 0.24% | 47.2th | 8.8 | The AI Engine WordPress plugin versions 2.9.3 and 2.9.4 contain an arbitrary file upload vulnerabili
4748 | CVE-2023-53735 | 0.24% | 47.2th | N/A | WEBIGniter 28.7.23 contains an unauthenticated cross-site scripting vulnerability in the user creati
4749 | CVE-2025-69264 | 0.24% | 47.2th | 8.8 | This vulnerability in pnpm package manager versions 10.0.0 through 10.25 allows git-hosted dependenc
4750 | CVE-2025-20727 | 0.24% | 47.3th | 8.1 | This vulnerability is a heap buffer overflow in MediaTek modem firmware that allows remote code exec

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, making it ideal for prioritizing which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.
