CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion
Broadcom has recently issued a critical alert and accompanying patches for VMware Fusion, addressing a local privilege escalation vulnerability that exploits a split-second lapse in the software’s def ...
-
The Hacker News
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-202 ...
-
The Hacker News
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV ...
-
CybersecurityNews
Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access
A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited in the wild, allowing unauthenticated remote attackers to fully bypass authentication and seiz ...
-
Daily CyberSecurity
cPanel & WHM Patch 5 High-Severity Flaws, Including 8.6 Severity File Read and SQLi
Recently, cPanel & WHM and WP Squared have issued patches for five critical vulnerabilities. These flaws range from arbitrary file reading to SQL injection, posing severe risks to server integrity and ...
-
Daily CyberSecurity
No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover
In a major security disclosure, JPCERT/CC has issued an urgent advisory regarding multiple high-severity vulnerabilities discovered in various wireless LAN routers and access points provided by ELECOM ...
-
Daily CyberSecurity
Cisco SD-WAN Manager XXE Flaw Grants Unauthenticated Access to Private Files
Cisco has detailed the curtain on a fresh set of vulnerabilities haunting its Catalyst SD-WAN Manager (formerly vManage). These flaws could grant remote attackers the keys to your sensitive data or al ...
-
Daily CyberSecurity
Critical 9.2 CVSS RCE Found in Amazon Redshift JDBC Driver
Security teams are being urged to move quickly following the disclosure of a critical Remote Code Execution (RCE) vulnerability found within the Amazon Redshift JDBC Driver. The flaw, tracked as CVE-2 ...
-
Daily CyberSecurity
Critical 9.4 CVSS pgAdmin 4 Flaws Enable Full OS Command Execution
In a major security overhaul, pgAdmin, the world’s most popular open-source administration platform for PostgreSQL, has released version 9.15 to address a cluster of dangerous vulnerabilities. The upd ...
-
Daily CyberSecurity
Kubernetes Alert: 9.4 Severity RCE in CloudNativePG Enables PostgreSQL Superuser Takeover
In a critical discovery for Kubernetes-based database environments, researchers have unveiled a severe privilege escalation and Remote Code Execution (RCE) vulnerability in CloudNativePG (CNPG). The f ...