CVE WatchlistTop 10 CVEs for July 4, 2026
CVE watchlist

Automated CVE intake

Top 10 CVEs for July 4, 2026

Automated daily CVE intake for July 4, 2026: 138 NVD CVEs, 52 high or critical entries, and 0 CISA KEV additions in the source window.

138 NVD CVEs52 high/critical0 KEV

Automation Boundary

This digest is automated CVE intake, not a reviewed threat-activity claim. It ranks public NVD records with EPSS enrichment and CISA KEV context so defenders have a daily review queue. Items without an exploitation signal should be treated as vulnerability-prioritization leads, not evidence of active intrusion.

Daily Counts

  • NVD CVEs published in the source window: 138
  • High or critical CVEs considered for ranking: 52
  • CISA KEV additions on 2026-07-04: 0
  • Ranked items published here: 10

Top 10 CVE Intake

RankCVECVSSEPSS percentilePublication signal
1CVE-2026-57991HIGH 7.450.9%No public exploit signal in source text
2CVE-2026-57993HIGH 7.445.8%No public exploit signal in source text
3CVE-2026-57981HIGH 8.842.9%No public exploit signal in source text
4CVE-2026-57974HIGH 8.842.9%No public exploit signal in source text
5CVE-2026-56645HIGH 8.842.9%No public exploit signal in source text
6CVE-2025-71364HIGH 8.142.2%No public exploit signal in source text
7CVE-2026-57988HIGH 7.141.6%No public exploit signal in source text
8CVE-2026-58293HIGH 8.140.9%No public exploit signal in source text
9CVE-2026-58289CRITICAL 9.040.9%No public exploit signal in source text
10CVE-2026-14622HIGH 7.340.2%No public exploit signal in source text

Source Notes

The source window is 2026-07-03T18:30:00.000Z to 2026-07-04T16:23:51.970Z. AttackTrace uses NVD publication timestamps, CISA KEV date-added values, and FIRST EPSS enrichment. Reviewed threat-activity briefs remain separate and require source-backed exploitation or campaign evidence.

Ranked CVEs

01CVE-2026-57991HIGH 7.4EPSS 50.9%No exploit signal

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

Open NVD record
02CVE-2026-57993HIGH 7.4EPSS 45.8%No exploit signal

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Open NVD record
03CVE-2026-57981HIGH 8.8EPSS 42.9%No exploit signal

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
04CVE-2026-57974HIGH 8.8EPSS 42.9%No exploit signal

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
05CVE-2026-56645HIGH 8.8EPSS 42.9%No exploit signal

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
06CVE-2025-71364HIGH 8.1EPSS 42.2%No exploit signal

picklescan before 0.0.30 fails to detect the asyncio.unix_events._UnixSubprocessTransport._start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding th...

Open NVD record
07CVE-2026-57988HIGH 7.1EPSS 41.6%No exploit signal

Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
08CVE-2026-58293HIGH 8.1EPSS 40.9%No exploit signal

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
09CVE-2026-58289CRITICAL 9.0EPSS 40.9%No exploit signal

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Open NVD record
10CVE-2026-14622HIGH 7.3EPSS 40.2%No exploit signal

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajax_files of the component AJAX Endpoint....

Open NVD record