Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID  EPSS Score  Percentile  CVSS  Flags  Summary
4851  CVE-2025-20367  0.07%  20.4th  5.7  This is a cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform th
4852  CVE-2025-20356  0.07%  20.4th  5.4  An authenticated cross-site scripting (XSS) vulnerability in Cisco Cyber Vision Center's web managem
4853  CVE-2025-11427  0.07%  20.4th  5.8  The WP Migrate Lite plugin for WordPress has a blind SSRF vulnerability that allows unauthenticated
4854  CVE-2025-9075  0.07%  20.3th  6.4  The ZoloBlocks WordPress plugin has a stored cross-site scripting vulnerability that allows authenti
4855  CVE-2025-63498  0.07%  20.5th  6.1  CVE-2025-63498 is a cross-site scripting (XSS) vulnerability in alinto SOGo 5.12.3 that allows attac
4856  CVE-2025-13564  0.07%  20.5th  5.4  CVE-2025-13564 is an arbitrary file deletion vulnerability in SourceCodester Pre-School Management S
4857  CVE-2025-13468  0.07%  20.4th  5.4  This vulnerability allows unauthorized deletion of forum posts, careers, comments, gallery items, an
4858  CVE-2025-63708  0.07%  20.4th  6.1  A Cross-Site Scripting (XSS) vulnerability in SourceCodester AI Font Matcher allows attackers to inj
4859  CVE-2025-64433  0.07%  20.4th  6.5  This vulnerability in KubeVirt allows a malicious user with control over a PersistentVolumeClaim (PV
4860  CVE-2025-43501  0.07%  20.2th  4.3  A buffer overflow vulnerability in Apple's Safari browser and related operating systems allows attac
4861  CVE-2022-46845  0.07%  20.2th  5.3  This vulnerability allows attackers to bypass authorization controls in the Slider a SlidersPack Wor
4862  CVE-2025-14146  0.07%  20.4th  5.3  The Booking Calendar WordPress plugin exposes sensitive booking data to unauthenticated attackers du
4863  CVE-2026-21857  0.07%  20.3th  6.5  This vulnerability allows authenticated REDAXO users with backup permissions to read arbitrary files
4864  CVE-2025-15453  0.07%  20.2th  6.3  This vulnerability in Milvus allows remote attackers to execute arbitrary code through deserializati
4865  CVE-2026-1112  0.07%  20.5th  5.4  This CVE describes an improper authorization vulnerability in Sanluan PublicCMS's trade address dele
4866  CVE-2025-20941  0.07%  20.2th  6.2  This vulnerability allows local attackers to access scancode data from specific input devices due to
4867  CVE-2024-35148  0.07%  20.1th  6.3  This SQL injection vulnerability in IBM Maximo Application Suite's Monitor Component allows remote a
4868  CVE-2024-13551  0.07%  20.2th  6.4  The ABC Notation WordPress plugin has a stored cross-site scripting vulnerability that allows authen
4869  CVE-2024-56914  0.07%  20th  5.7  A buffer overflow vulnerability exists in the D-Link DSL-3782 router's Parental Control web interfac
4870  CVE-2023-23913  0.07%  20.1th  6.3  This DOM-based cross-site scripting vulnerability in rails-ujs allows attackers to inject malicious
4871  CVE-2024-12431  0.07%  20th  4.3  This vulnerability allows unauthorized users to manipulate the status of issues in public GitLab pro
4872  CVE-2024-33055  0.07%  20.2th  6.7  This vulnerability allows attackers to cause memory corruption by making specific IOCTL calls to unm
4873  CVE-2024-55897  0.07%  20.2th  4.3  IBM PowerHA SystemMirror for i fails to set the secure attribute on authorization tokens and session
4874  CVE-2024-13379  0.07%  20th  6.4  The C9 Admin Dashboard WordPress plugin up to version 1.3.5 allows authenticated attackers with Auth
4875  CVE-2025-1076  0.07%  20.2th  4.8  A stored XSS vulnerability in Holded's Activities functionality allows attackers to inject malicious
4876  CVE-2023-53028  0.07%  20th  5.5  This CVE describes a double-free vulnerability in the Linux kernel's WiFi subsystem (mac80211) that
4877  CVE-2023-52991  0.07%  20th  5.5  A NULL pointer dereference vulnerability in the Linux kernel's network stack can cause kernel panic
4878  CVE-2023-52929  0.07%  20th  5.5  This CVE describes a memory leak vulnerability in the Linux kernel's nvmem (non-volatile memory) sub
4879  CVE-2025-21868  0.07%  20th  5.5  A Linux kernel vulnerability where improper memory allocation handling when MAX_SKB_FRAGS is set to
4880  CVE-2025-0149  0.07%  20th  6.5  This vulnerability in Zoom Workplace Apps allows unprivileged users to cause denial of service attac
4881  CVE-2025-22091  0.07%  20th  5.5  This CVE describes an integer overflow vulnerability in the Linux kernel's RDMA/mlx5 driver when reg
4882  CVE-2025-22084  0.07%  20th  5.5  A race condition in the Linux kernel's w1 (1-Wire) subsystem can cause a NULL pointer dereference wh
4883  CVE-2025-22047  0.07%  20.2th  5.5  This CVE involves a logic error in the Linux kernel's AMD microcode update function where a failed S
4884  CVE-2025-22034  0.07%  20th  5.5  A Linux kernel vulnerability in the memory management subsystem allows device-exclusive memory entri
4885  CVE-2025-22032  0.07%  20th  5.5  This CVE describes a null pointer dereference vulnerability in the Linux kernel's MediaTek MT7921 Wi
4886  CVE-2025-22026  0.07%  20th  5.5  This CVE-2025-22026 is a Linux kernel vulnerability in the NFS server (nfsd) where error handling is
4887  CVE-2025-22024  0.07%  20th  5.5  A use-after-free vulnerability in the Linux kernel's NFS server (nfsd) allows a root user to trigger
4888  CVE-2025-30655  0.07%  20.2th  5.5  A local privilege escalation vulnerability in Juniper Junos OS and Junos OS Evolved allows low-privi
4889  CVE-2025-22001  0.07%  20th  5.5  This CVE describes an integer overflow vulnerability in the Linux kernel's QAIC (Qualcomm AI Compute
4890  CVE-2025-21995  0.07%  20th  5.5  This CVE describes a fence reference count leak vulnerability in the Linux kernel's DRM scheduler co
4891  CVE-2025-21894  0.07%  20th  5.5  A vulnerability in the Linux kernel's ENETC network driver allows Virtual Functions (VFs) to attempt
4892  CVE-2024-22653  0.07%  20th  4.8  This CVE describes a NULL pointer dereference vulnerability in Yasm, an assembler used for compiling
4893  CVE-2025-4683  0.07%  20.1th  4.3  The MStore API WordPress plugin has an authorization vulnerability that allows authenticated users w
4894  CVE-2025-3939  0.07%  20th  5.3  This CVE describes an Observable Response Discrepancy vulnerability in Tridium Niagara Framework and
4895  CVE-2024-52601  0.07%  20th  6.5  This vulnerability in iTop allows authenticated users with portal access to view objects they should
4896  CVE-2025-30507  0.07%  20.1th  5.3  CVE-2025-30507 is a blind SQL injection vulnerability in CyberData 011209 Intercom devices that allo
4897  CVE-2025-44172  0.07%  20.2th  6.5  This vulnerability allows remote attackers to execute arbitrary code on Tenda AC6 routers by exploit
4898  CVE-2025-5437  0.07%  20.1th  5.3  This critical vulnerability in Multilaser Sirius RE016 routers allows attackers to bypass authentica
4899  CVE-2024-53288  0.07%  20th  5.9  This is a stored cross-site scripting (XSS) vulnerability in Synology Router Manager's NTP Region fu
4900  CVE-2025-53889  0.07%  20.1th  6.5  Directus versions 9.12.0 through 11.8.0 have an authentication bypass vulnerability in manual trigge

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
