Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank  CVE ID           EPSS   Percentile  CVSS  Summary
4901  CVE-2025-1691    0.23%  45.9th      7.6   This CVE describes a control character injection vulnerability in MongoDB Shell (mongosh) where an a
4902  CVE-2023-25574   0.23%  45.9th      10.0  CVE-2023-25574 is a critical authentication bypass vulnerability in jupyterhub-ltiauthenticator's LT
4903  CVE-2025-24894   0.23%  45.9th      9.1   This vulnerability in SPID.AspNetCore.Authentication allows attackers to bypass SAML signature valid
4904  CVE-2024-13641   0.23%  45.9th      5.9   This vulnerability allows unauthenticated attackers to access sensitive files stored in the '/wp-con
4905  CVE-2024-54951   0.23%  46th        5.4   Monica 4.1.2 contains a stored cross-site scripting (XSS) vulnerability in the 'HOW YOU MET' contact
4906  CVE-2025-2152    0.23%  45.9th      6.3   A critical heap-based buffer overflow vulnerability in Assimp's BaseImporter::ConvertToUTF8 function
4907  CVE-2025-3557    0.23%  46th        4.3   This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in ScriptAndTools eCommerce-web
4908  CVE-2024-4877    0.23%  45.9th      8.8   This vulnerability allows a lower-privileged process on Windows to create a named pipe that the Open
4909  CVE-2025-32794   0.23%  46th        7.6   OpenEMR versions before 7.0.3.4 have a stored XSS vulnerability where authenticated users with patie
4910  CVE-2025-47576   0.23%  46th        8.8   This vulnerability allows attackers to include arbitrary files from remote servers in PHP applicatio
4911  CVE-2025-6121    0.23%  45.9th      9.8   A critical stack-based buffer overflow vulnerability in D-Link DIR-632 routers allows remote attacke
4912  CVE-2025-41683   0.23%  46th        8.8   An authenticated remote attacker can execute arbitrary operating system commands with root privilege
4913  CVE-2025-53970   0.23%  46th        9.8   This critical vulnerability in SS1 Ver.16.0.0.10 and earlier allows remote unauthenticated attackers
4914  CVE-2025-47212   0.23%  46th        7.2   A command injection vulnerability in QNAP operating systems allows authenticated attackers with admi
4915  CVE-2025-68109   0.23%  45.9th      9.1   ChurchCRM versions before 6.5.3 have a critical vulnerability in the Database Restore functionality
4916  CVE-2024-58281   0.23%  45.9th      8.8   Dotclear 2.29 contains an authenticated remote code execution vulnerability where attackers with val
4917  CVE-2024-54499   0.23%  45.8th      8.8   This CVE describes a use-after-free vulnerability in Apple's image processing components that could
4918  CVE-2025-24042   0.23%  45.8th      7.3   This vulnerability in Visual Studio Code's JS Debug Extension allows attackers to escalate privilege
4919  CVE-2025-24677   0.23%  45.9th      9.9   This vulnerability allows remote attackers to execute arbitrary code on WordPress sites running the
4920  CVE-2025-0312    0.23%  45.8th      7.5   A null pointer dereference vulnerability in Ollama versions up to 0.3.14 allows attackers to upload
4921  CVE-2025-27099   0.23%  45.9th      4.8   This CVE describes a stored cross-site scripting (XSS) vulnerability in Tuleap's tracker semantic ti
4922  CVE-2025-25060   0.23%  45.9th      8.2   A missing authentication vulnerability in AssetView and AssetView CLOUD allows unauthenticated remot
4923  CVE-2025-24022   0.23%  45.9th      8.5   This vulnerability allows remote code execution through iTop's web portal frontend. Attackers can ex
4924  CVE-2025-55575   0.23%  45.8th      9.8   CVE-2025-55575 is a critical SQL injection vulnerability in SMM Panel 3.1 that allows remote attacke
4925  CVE-2025-8693    0.23%  45.8th      8.8   A post-authentication command injection vulnerability in Zyxel DX3300-T0 firmware allows authenticat
4926  CVE-2025-56333   0.23%  45.9th      9.8   A critical authentication bypass vulnerability in Fossorial Pangolin's 2FA component allows remote a
4927  CVE-2025-50681   0.23%  45.9th      7.5   CVE-2025-50681 is a remote denial-of-service vulnerability in igmpproxy versions before commit 2b30c
4928  CVE-2025-14648   0.23%  45.8th      4.7   This vulnerability allows remote attackers to execute arbitrary commands on DedeBIZ systems through
4929  CVE-2024-46073   0.23%  45.7th      6.1   A reflected Cross-Site Scripting (XSS) vulnerability in IceHRM v32.4.0.OS allows attackers to execut
4930  CVE-2024-57685   0.23%  45.7th      5.3   This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
4931  CVE-2025-21373   0.23%  45.7th      7.8   This Windows Installer vulnerability allows attackers to elevate privileges on affected systems by e
4932  CVE-2025-24960   0.23%  45.7th      8.7   CVE-2025-24960 is a path traversal vulnerability in Jellystat (a statistics app for Jellyfin) that a
4933  CVE-2025-22523   0.23%  45.8th      9.3   This SQL injection vulnerability in the NotFound Schedule WordPress plugin allows attackers to execu
4934  CVE-2025-26898   0.23%  45.8th      9.3   This SQL injection vulnerability in the Shinetheme Traveler WordPress theme allows attackers to exec
4935  CVE-2024-12055   0.23%  45.7th      7.5   A vulnerability in Ollama versions up to 0.3.14 allows attackers to upload specially crafted gguf mo
4936  CVE-2025-0555    0.23%  45.7th      7.7   This Cross-Site Scripting (XSS) vulnerability in GitLab Enterprise Edition allows attackers to bypas
4937  CVE-2025-3799    0.23%  45.7th      7.3   This critical SQL injection vulnerability in WCMS 11 allows remote attackers to execute arbitrary SQ
4938  CVE-2025-39471   0.23%  45.8th      9.3   This SQL injection vulnerability in the Pantherius Modal Survey WordPress plugin allows attackers to
4939  CVE-2025-39595   0.23%  45.8th      9.3   This SQL injection vulnerability in Quentn WP WordPress plugin allows attackers to execute arbitrary
4940  CVE-2025-39587   0.23%  45.8th      9.3   This SQL injection vulnerability in the Stylemix Cost Calculator Builder WordPress plugin allows att
4941  CVE-2025-32665   0.23%  45.8th      9.3   This SQL injection vulnerability in the WebbyTemplate Office Locator WordPress plugin allows attacke
4942  CVE-2025-32636   0.23%  45.8th      9.3   This SQL injection vulnerability in the Local Magic WordPress plugin allows attackers to execute arb
4943  CVE-2025-27302   0.23%  45.8th      9.3   This SQL injection vulnerability in the CHATLIVE WordPress plugin allows attackers to execute arbitr
4944  CVE-2025-22655   0.23%  45.8th      9.3   This SQL injection vulnerability in the CWD – Stealth Links WordPress plugin allows attackers to e
4945  CVE-2025-32603   0.23%  45.8th      9.3   This SQL injection vulnerability in the WP Online Users Stats WordPress plugin allows attackers to e
4946  CVE-2025-32565   0.23%  45.8th      9.3   This SQL injection vulnerability in the Neon Product Designer WordPress plugin allows attackers to e
4947  CVE-2025-31565   0.23%  45.8th      9.3   This SQL injection vulnerability in the WPSmartContracts WordPress plugin allows attackers to execut
4948  CVE-2025-32383   0.23%  45.7th      4.3   A reverse shell vulnerability in MaxKB's function library module allows privileged users to execute
4949  CVE-2025-31403   0.23%  45.8th      9.3   This SQL injection vulnerability in the Shiptrack Booking Calendar and Notification WordPress plugin
4950  CVE-2025-31911   0.23%  45.8th      9.3   This SQL injection vulnerability in the WordPress Social Share And Social Locker plugin allows attac

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to deciding which vulnerabilities to patch first.

Why EPSS matters: With thousands of CVEs published every month, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 vulnerability with 90% EPSS. Because EPSS estimates exploitation activity across the internet as a whole rather than against any particular system, it is best combined with knowledge of where the affected software is deployed and exposed, and with the CISA KEV list, which records confirmed exploitation.

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
