Automated CVE intake

Daily Top 10 CVE Watchlist

A daily ranked queue from NVD, CISA KEV, and FIRST EPSS. These pages help defenders decide what to review first; they do not claim active exploitation unless the source data supports it.

Boundary: CVE watchlist pages are automated vulnerability intake. Reviewed threat-activity briefs remain manually reviewed and source-backed.

Latest individual CVE articles

Today's ranked CVE articles

#1CVE-2026-57991HIGH 7.4

CVE-2026-57991 Daily CVE Watchlist Note

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

#2CVE-2026-57993HIGH 7.4

CVE-2026-57993 Daily CVE Watchlist Note

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

#3CVE-2026-57981HIGH 8.8

CVE-2026-57981 Daily CVE Watchlist Note

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#4CVE-2026-57974HIGH 8.8

CVE-2026-57974 Daily CVE Watchlist Note

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#5CVE-2026-56645HIGH 8.8

CVE-2026-56645 Daily CVE Watchlist Note

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#6CVE-2025-71364HIGH 8.1

CVE-2025-71364 Daily CVE Watchlist Note

picklescan before 0.0.30 fails to detect the asyncio.unix_events._UnixSubprocessTransport._start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding th...

#7CVE-2026-57988HIGH 7.1

CVE-2026-57988 Daily CVE Watchlist Note

Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#8CVE-2026-58293HIGH 8.1

CVE-2026-58293 Daily CVE Watchlist Note

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#9CVE-2026-58289CRITICAL 9.0

CVE-2026-58289 Daily CVE Watchlist Note

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

#10CVE-2026-14622HIGH 7.3

CVE-2026-14622 Daily CVE Watchlist Note

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajax_files of the component AJAX Endpoint....

Daily watchlist

Top 10 CVEs for July 4, 2026

Automated daily CVE intake for July 4, 2026: 138 NVD CVEs, 52 high or critical entries, and 0 CISA KEV additions in the source window.

138 CVEs52 high/critical0 KEV additions
Open CVE digest