CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
MongoDB Patches: DoS & Bypass Risks Addressed
MongoDB, the popular open-source NoSQL database, has released patches addressing three newly disclosed vulnerabilities that could expose deployments to denial-of-service and authentication bypass atta ...
-
Daily CyberSecurity
CVE-2025-30223 (CVSS 9.3): Critical XSS Vulnerability Discovered in Beego Framework
A Cross-Site Scripting (XSS) vulnerability has been identified in the Beego framework, a popular Go framework for building web applications and APIs. This vulnerability, tracked as CVE-2025-30223 (CVS ...
-
Daily CyberSecurity
8 Zero-Day Vulnerabilities Uncovered in Netgear WNR854T Router
Security researcher Dylan has disclosed a set of eight previously unknown zero-day vulnerabilities affecting the Netgear WNR854T, a legacy router first released in 2017 and long since unsupported.The ...
-
Daily CyberSecurity
CVE-2025-30065 (CVSS 10): Critical Vulnerability Discovered in Apache Parquet Java
Apache Parquet, a widely used open-source, column-oriented data file format, has been found to contain a critical security vulnerability. This vulnerability poses a significant risk to systems utilizi ...
-
Daily CyberSecurity
Critical Vulnerabilities Threaten IBM App Connect Enterprise
IBM has issued a critical security bulletin warning that multiple versions of its App Connect Enterprise (ACE) software are vulnerable to remote code execution (RCE) due to unsafe defaults in third-pa ...
-
Cyber Security News
VMware Aria Operations Vulnerability Exposes Systems to Privilege Escalation Attacks
VMware has issued a critical security advisory (VMSA-2025-0006) addressing a high-severity local privilege escalation vulnerability (CVE-2025-22231) in its Aria Operations platform. The flaw, rated 7. ...
-
Help Net Security
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been lever ...
-
Cyber Security News
Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code
A critical security flaw in Kentico Xperience CMS, a widely used enterprise content management system (CMS), has been uncovered. By exploiting a Cross-Site Scripting (XSS) vulnerability, attackers can ...
-
TheCyberThrone
CVE-2024-20439 added to CISA KEV Catalog
CVE-2024-20439 is a critical vulnerability affecting Cisco Smart Licensing Utility (CSLU), classified with a CVSS score of 9.8 (Critical). It represents a major security risk, as it allows unauthorize ...
-
Cyber Security News
Rockwell Automation Vulnerability Let Attackers Gain Access to Run Arbitrary Commands
A high-severity security vulnerability (CVE-2025-1449) affecting its Verve Asset Manager product could allow attackers with administrative access to execute arbitrary commands. The vulnerability, disc ...