Automation Boundary
This digest is automated CVE intake, not a reviewed threat-activity claim. It ranks public NVD records with EPSS enrichment and CISA KEV context so defenders have a daily review queue. Items without an exploitation signal should be treated as vulnerability-prioritization leads, not evidence of active intrusion.
Daily Counts
- NVD CVEs published in the source window: 113
- High or critical CVEs considered for ranking: 50
- CISA KEV additions on 2026-07-07: 0
- Ranked items published here: 10
Top 10 CVE Intake
| Rank | CVE | CVSS | EPSS percentile | CVE summary |
|---|---|---|---|---|
| 1 | CVE-2026-57572 | CRITICAL 10.0 | 0.0% | Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra... |
| 2 | CVE-2026-34048 | CRITICAL 9.9 | 0.0% | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket boots... |
| 3 | CVE-2026-34047 | CRITICAL 9.9 | 0.0% | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket boots... |
| 4 | CVE-2026-34037 | CRITICAL 9.9 | 0.0% | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo() Livewire a... |
| 5 | CVE-2026-34038 | CRITICAL 9.9 | 0.0% | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote... |
| 6 | CVE-2026-9181 | CRITICAL 9.8 | 0.0% | ArcGIS Server contains a directory traversal vulnerability. An unauthenticated attacker could exploit this issue by sending crafted path parameters.... |
| 7 | CVE-2026-57571 | CRITICAL 9.6 | 0.0% | Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename w... |
| 8 | CVE-2026-42341 | CRITICAL 9.2 | 0.0% | FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerab... |
| 9 | CVE-2026-43921 | HIGH 8.9 | 0.0% | FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOS... |
| 10 | CVE-2026-34158 | HIGH 8.8 | 0.0% | Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() he... |
Source Notes
The source window is 2026-07-06T18:30:00.000Z to 2026-07-07T05:50:10.846Z. AttackTrace uses NVD publication timestamps, CISA KEV date-added values, and FIRST EPSS enrichment. Reviewed threat-activity briefs remain separate and require source-backed exploitation or campaign evidence.
Ranked CVEs
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra_args, which flowed into Chromium's launch arguments. An attacker coul...
Open NVD recordCoolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal auth...
Open NVD recordCoolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not enforce the expected authorization middleware, all...
Open NVD recordCoolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo() Livewire action in ResourceOperations.php authorizes the source resource but res...
Open NVD recordCoolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling all...
Open NVD recordArcGIS Server contains a directory traversal vulnerability. An unauthenticated attacker could exploit this issue by sending crafted path parameters. Successful exploitation could allow access to sensitive files on the s...
Open NVD recordCrawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads di...
Open NVD recordFOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment...
Open NVD recordFOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOSSBilling's `Config::prettyPrintArrayToPHP()` method. When configuratio...
Open NVD recordCoolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands in single quotes without escaping...
Open NVD recordDefender review
How to use this digest
This digest is an intake queue. Treat it as a prioritization input, then verify product presence, exposure, patch state, and detection coverage in your own environment.
Separate KEV-backed exploitation from high CVSS records with no exploit signal.
Confirm affected products and versions before assigning remediation urgency.
Record evidence gaps instead of converting unknowns into exposure claims.
Escalate reviewed threat-activity candidates only when exploitation or campaign evidence exists.
Record history
Update history
Update history
- Published
- 2026-07-07
- Generated
- 2026-07-07T05:50:12.752Z
- CVEs included
- 113