Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 4751 | CVE-2025-13092 | | 20.6th | 5.3 | | The Devs CRM WordPress plugin has an authentication bypass vulnerability that allows unauthenticated |
| 4752 | CVE-2025-53960 | | 20.6th | 5.9 | | Apache StreamPark versions 2.0.0 through 2.1.6 use user passwords as JWT signing keys, allowing atta |
| 4753 | CVE-2026-1587 | | 20.7th | 5.3 | | A denial-of-service vulnerability exists in Open5GS SGWC component where the sgwc_s11_handle_modify_ |
| 4754 | CVE-2026-1586 | | 20.7th | 5.3 | | A denial-of-service vulnerability exists in Open5GS SGWC component where remote attackers can manipu |
| 4755 | CVE-2025-15511 | | 20.7th | 5.3 | | The Rupantorpay WordPress plugin has an authentication bypass vulnerability that allows unauthentica |
| 4756 | CVE-2025-14029 | | 20.7th | 5.3 | | The Community Events WordPress plugin has an authentication bypass vulnerability that allows unauthe |
| 4757 | CVE-2025-15513 | | 20.5th | 5.3 | | The Float Payment Gateway WordPress plugin has an improper error handling vulnerability that allows |
| 4758 | CVE-2025-15512 | | 20.5th | 5.3 | | The Aplazo Payment Gateway WordPress plugin has an authorization bypass vulnerability that allows un |
| 4759 | CVE-2025-14880 | | 20.5th | 5.3 | | The Netcash WooCommerce Payment Gateway plugin for WordPress has an authentication bypass vulnerabil |
| 4760 | CVE-2026-22687 | | 20.6th | 5.6 | | WeKnora versions before 0.2.5 contain a SQL injection vulnerability in the Agent service's database |
| 4761 | CVE-2026-1974 | | 20.7th | 5.3 | | A denial-of-service vulnerability exists in Free5GC's SMF component where the ResolveNodeIdToIp func |
| 4762 | CVE-2025-20944 | | 20.7th | 6.2 | | This vulnerability allows local attackers to read out-of-bounds memory in Samsung devices by exploit |
| 4763 | CVE-2025-20948 | | 20.7th | 5.5 | | This vulnerability allows local privileged attackers to read out-of-bounds memory in Samsung's cdsp |
| 4764 | CVE-2025-20947 | | 20.6th | 5.5 | | This vulnerability in Samsung's ClipboardService allows local attackers to access image files across |
| 4765 | CVE-2025-15507 | | 20.5th | 5.3 | | The Magic Import Document Extractor WordPress plugin has an authentication bypass vulnerability that |
| 4766 | CVE-2026-25509 | | 20.6th | 5.3 | | CVE-2026-25509 is an email enumeration vulnerability in CI4MS, a CodeIgniter 4-based CMS skeleton. U |
| 4767 | CVE-2025-70559 | | 20.6th | 6.5 | | pdfminer.six contains an insecure deserialization vulnerability where Python pickle is used to deser |
| 4768 | CVE-2017-20196 | | 20.4th | 6.3 | | This vulnerability allows remote attackers to execute SQL injection attacks via the 'aid' parameter |
| 4769 | CVE-2025-0223 | | 20.5th | 5.5 | | This vulnerability in IObit Protected Folder allows local attackers to cause a denial of service (sy |
| 4770 | CVE-2025-0221 | | 20.5th | 5.5 | | A local null pointer dereference vulnerability in IOBit Protected Folder's pffilter.sys driver allow |
| 4771 | CVE-2022-49697 | | 20.3th | 5.5 | | This CVE describes a memory leak vulnerability in the Linux kernel's BPF subsystem where socket look |
| 4772 | CVE-2022-49642 | | 20.3th | 5.5 | | A Linux kernel vulnerability in the Synopsys DWC Ethernet driver for Tegra194 systems causes integer |
| 4773 | CVE-2024-10405 | | 20.4th | 5.3 | | Brocade SANnav versions before 2.3.1b enable weak TLS ciphers on ports 443 and 18082, allowing attac |
| 4774 | CVE-2025-25988 | | 20.5th | 4.8 | | A Cross-Site Scripting (XSS) vulnerability in HooskCMS v1.8 allows remote attackers to inject malici |
| 4775 | CVE-2025-0815 | | 20.5th | 6.5 | | An improper input validation vulnerability in Schneider Electric products allows attackers to cause |
| 4776 | CVE-2025-0837 | | 20.3th | 6.4 | | The Puzzles WordPress theme has a stored XSS vulnerability in versions up to 4.2.4 that allows authe |
| 4777 | CVE-2025-1230 | | 20.3th | 4.8 | | A stored Cross-Site Scripting (XSS) vulnerability in PrestaShop 8.1.7 allows attackers to inject mal |
| 4778 | CVE-2024-11132 | | 20.3th | 6.4 | | The Eventer WordPress plugin up to version 3.9.9 has a stored XSS vulnerability in shortcode attribu |
| 4779 | CVE-2025-20232 | | 20.4th | 5.7 | | This CVE describes a privilege escalation vulnerability in Splunk Enterprise and Cloud Platform wher |
| 4780 | CVE-2025-20226 | | 20.4th | 5.7 | | This vulnerability allows low-privileged Splunk users to bypass SPL safeguards for risky commands by |
| 4781 | CVE-2025-24513 | | 20.4th | 4.8 | | A directory traversal vulnerability in ingress-nginx's Admission Controller allows attackers to mani |
| 4782 | CVE-2025-30605 | | 20.5th | 4.3 | | This CVE describes a missing authorization vulnerability in the sourceplay-navermap WordPress plugin |
| 4783 | CVE-2024-12871 | | 20.3th | 5.4 | | This Cross-Site Scripting (XSS) vulnerability in infiniflow/ragflow version 0.12.0 allows attackers |
| 4784 | CVE-2024-10273 | | 20.4th | 6.5 | | This vulnerability allows users with viewer roles in lunary-ai/lunary to modify models owned by othe |
| 4785 | CVE-2025-3979 | | 20.5th | 4.3 | | This CSRF vulnerability in dazhouda lecms 3.0.3 allows attackers to trick authenticated users into u |
| 4786 | CVE-2025-3959 | | 20.5th | 4.3 | | This CSRF vulnerability in withstars Books-Management-System 1.0 allows attackers to trick authentic |
| 4787 | CVE-2024-47829 | | 20.4th | 6.5 | | This vulnerability in pnpm (package manager) uses MD5 hashing for path shortening, which can cause c |
| 4788 | CVE-2024-41446 | | 20.3th | 5.4 | | This stored XSS vulnerability in Alkacon OpenCMS v17.0 allows attackers to inject malicious scripts |
| 4789 | CVE-2025-22851 | | 20.2th | 6.5 | | This vulnerability allows a local attacker to execute arbitrary code in pre-installed apps on OpenHa |
| 4790 | CVE-2025-25041 | | 20.3th | 5.5 | | A privilege escalation vulnerability in HPE Aruba Networking VIA client allows authenticated Windows |
| 4791 | CVE-2025-5155 | | 20.2th | 6.3 | | This critical SQL injection vulnerability in FoxCMS 1.2.5 allows remote attackers to execute arbitra |
| 4792 | CVE-2025-39394 | | 20.4th | 5.3 | | This vulnerability in the AnalyticsWP WordPress plugin allows unauthorized users to retrieve embedde |
| 4793 | CVE-2024-47893 | | 20.4th | 6.5 | | This vulnerability allows kernel software running inside a Guest Virtual Machine to exploit shared m |
| 4794 | CVE-2025-44900 | | 20.4th | 6.5 | | This vulnerability allows remote attackers to execute arbitrary code on Tenda RX3 routers by exploit |
| 4795 | CVE-2025-45240 | | 20.4th | 6.5 | | FoxCMS v1.2.5 contains a SQL injection vulnerability in the executeCommand method of DataBackup.php. |
| 4796 | CVE-2025-54573 | | 20.2th | 4.3 | | CVAT versions 1.1.0 through 2.41.0 do not enforce email verification when using Basic HTTP Authentic |
| 4797 | CVE-2025-24188 | | 20.4th | 6.5 | | This CVE describes a logic flaw in Safari that could be exploited by malicious web content to cause |
| 4798 | CVE-2025-50086 | | 20.2th | 4.9 | | This vulnerability in Oracle MySQL Server's Components Services allows high-privileged attackers wit |
| 4799 | CVE-2025-50084 | | 20.2th | 4.9 | | A vulnerability in MySQL Server's optimizer component allows high-privileged attackers with network |
| 4800 | CVE-2025-27453 | | 20.4th | 5.3 | | This vulnerability allows client-side scripts (like JavaScript) to access the PHPSESSION cookie beca |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS.