CVE WatchlistTop 10 CVEs for July 5, 2026
CVE watchlist

Automated CVE intake

Top 10 CVEs for July 5, 2026

Automated daily CVE intake for July 5, 2026: 89 NVD CVEs, 44 high or critical entries, and 0 CISA KEV additions in the source window.

89 NVD CVEs44 high/critical0 KEV

Automation Boundary

This digest is automated CVE intake, not a reviewed threat-activity claim. It ranks public NVD records with EPSS enrichment and CISA KEV context so defenders have a daily review queue. Items without an exploitation signal should be treated as vulnerability-prioritization leads, not evidence of active intrusion.

Daily Counts

  • NVD CVEs published in the source window: 89
  • High or critical CVEs considered for ranking: 44
  • CISA KEV additions on 2026-07-05: 0
  • Ranked items published here: 10

Top 10 CVE Intake

RankCVECVSSEPSS percentileCVE summary
1CVE-2026-14736HIGH 7.336.2%A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file user_auth_commit.php. Perform...
2CVE-2026-14721HIGH 8.835.9%A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase...
3CVE-2026-14641HIGH 7.333.5%A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of...
4CVE-2026-14734HIGH 7.333.1%A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This ma...
5CVE-2026-14660HIGH 7.333.1%A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a man...
6CVE-2026-14642HIGH 7.333.1%A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the f...
7CVE-2026-14735HIGH 7.333.1%A vulnerability has been found in code-projects Smart Parking System 1.0. The affected element is an unknown function of the file /parkings/parkings....
8CVE-2026-14654HIGH 7.333.1%A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlspr...
9CVE-2026-14653HIGH 7.333.1%A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/menspr...
10CVE-2026-14652HIGH 7.333.1%A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php o...

Source Notes

The source window is 2026-07-04T18:30:00.000Z to 2026-07-05T18:29:59.999Z. AttackTrace uses NVD publication timestamps, CISA KEV date-added values, and FIRST EPSS enrichment. Reviewed threat-activity briefs remain separate and require source-backed exploitation or campaign evidence.

Ranked CVEs

01CVE-2026-14736HIGH 7.3EPSS 36.2%No exploit signal

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file user_auth_commit.php. Performing a manipulation of the argument upload_image results in unrestricte...

Open NVD record
02CVE-2026-14721HIGH 8.8EPSS 35.9%No exploit signal

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ss...

Open NVD record
03CVE-2026-14641HIGH 7.3EPSS 33.5%No exploit signal

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_course.php. Executing a manipulation of the argument I...

Open NVD record
04CVE-2026-14734HIGH 7.3EPSS 33.1%No exploit signal

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This manipulation of the argument ID causes sql injection. Remote exploitatio...

Open NVD record
05CVE-2026-14660HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. Th...

Open NVD record
06CVE-2026-14642HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /edit_class2.php. The manipulation of the argument ID leads to sql...

Open NVD record
07CVE-2026-14735HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability has been found in code-projects Smart Parking System 1.0. The affected element is an unknown function of the file /parkings/parkings.php. Such manipulation of the argument street/city/status leads to sql...

Open NVD record
08CVE-2026-14654HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument user_id leads...

Open NVD record
09CVE-2026-14653HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument user_id causes...

Open NVD record
10CVE-2026-14652HIGH 7.3EPSS 33.1%No exploit signal

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username...

Open NVD record

Defender review

How to use this digest

This digest is an intake queue. Treat it as a prioritization input, then verify product presence, exposure, patch state, and detection coverage in your own environment.

CVE

Separate KEV-backed exploitation from high CVSS records with no exploit signal.

CVE

Confirm affected products and versions before assigning remediation urgency.

CVE

Record evidence gaps instead of converting unknowns into exposure claims.

CVE

Escalate reviewed threat-activity candidates only when exploitation or campaign evidence exists.

Record history

Update history

Update history

Published
2026-07-05
Generated
2026-07-07T05:49:29.902Z
CVEs included
89