CVE WatchlistTop 10 CVEs for July 6, 2026
CVE watchlist

Automated CVE intake

Top 10 CVEs for July 6, 2026

Automated daily CVE intake for July 6, 2026: 128 NVD CVEs, 72 high or critical entries, and 0 CISA KEV additions in the source window.

128 NVD CVEs72 high/critical0 KEV

Automation Boundary

This digest is automated CVE intake, not a reviewed threat-activity claim. It ranks public NVD records with EPSS enrichment and CISA KEV context so defenders have a daily review queue. Items without an exploitation signal should be treated as vulnerability-prioritization leads, not evidence of active intrusion.

Daily Counts

  • NVD CVEs published in the source window: 128
  • High or critical CVEs considered for ranking: 72
  • CISA KEV additions on 2026-07-06: 0
  • Ranked items published here: 10

Top 10 CVE Intake

RankCVECVSSEPSS percentileCVE summary
1CVE-2026-14802HIGH 7.367.5%A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js...
2CVE-2026-40047CRITICAL 9.151.9%Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Camel Docling component. The camel-docling...
3CVE-2026-6382CRITICAL 9.140.1%The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1...
4CVE-2026-14808CRITICAL 9.839.6%Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view...
5CVE-2026-43865HIGH 8.138.8%Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast inst...
6CVE-2026-14807CRITICAL 9.836.9%ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view applicat...
7CVE-2026-14809HIGH 8.735.2%Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL com...
8CVE-2026-40859HIGH 8.131.3%Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Conten...
9CVE-2026-42527HIGH 8.123.0%Deserialization of Untrusted Data vulnerability in Apache Camel. The default ObjectInputFilter pattern shipped with several Apache Camel components f...
10CVE-2024-6228HIGH 7.522.0%The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server...

Source Notes

The source window is 2026-07-05T18:30:00.000Z to 2026-07-06T18:29:59.999Z. AttackTrace uses NVD publication timestamps, CISA KEV date-added values, and FIRST EPSS enrichment. Reviewed threat-activity briefs remain separate and require source-backed exploitation or campaign evidence.

Ranked CVEs

01CVE-2026-14802HIGH 7.3EPSS 67.5%No exploit signal

A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results i...

Open NVD record
02CVE-2026-40047CRITICAL 9.1EPSS 51.9%No exploit signal

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Camel Docling component. The camel-docling component invokes the external `docling` command-line tool by assembl...

Open NVD record
03CVE-2026-6382CRITICAL 9.1EPSS 40.1%No exploit signal

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a...

Open NVD record
04CVE-2026-14808CRITICAL 9.8EPSS 39.6%No exploit signal

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password.

Open NVD record
05CVE-2026-43865HIGH 8.1EPSS 38.8%No exploit signal

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserializati...

Open NVD record
06CVE-2026-14807CRITICAL 9.8EPSS 36.9%No exploit signal

ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view application code and obtain the database account and password.

Open NVD record
07CVE-2026-14809HIGH 8.7EPSS 35.2%No exploit signal

Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Open NVD record
08CVE-2026-40859HIGH 8.1EPSS 31.3%No exploit signal

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.Object...

Open NVD record
09CVE-2026-42527HIGH 8.1EPSS 23.0%No exploit signal

Deserialization of Untrusted Data vulnerability in Apache Camel. The default ObjectInputFilter pattern shipped with several Apache Camel components for defense-in-depth deserialization filtering ('java.**;javax.**;org.a...

Open NVD record
10CVE-2024-6228HIGH 7.5EPSS 22.0%No exploit signal

The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscribe...

Open NVD record

Defender review

How to use this digest

This digest is an intake queue. Treat it as a prioritization input, then verify product presence, exposure, patch state, and detection coverage in your own environment.

CVE

Separate KEV-backed exploitation from high CVSS records with no exploit signal.

CVE

Confirm affected products and versions before assigning remediation urgency.

CVE

Record evidence gaps instead of converting unknowns into exposure claims.

CVE

Escalate reviewed threat-activity candidates only when exploitation or campaign evidence exists.

Record history

Update history

Update history

Published
2026-07-06
Generated
2026-07-07T05:49:49.680Z
CVEs included
128