CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Magento Input Validation Vulnerability Exploited In Wild To Hijack Session And Execute Malicious Codes
A critical vulnerability in Magento, the popular e-commerce platform, is now rebranded as Adobe Commerce. Dubbed SessionReaper and tracked as CVE-2025-54236, this improper input validation flaw allows ...
-
The Hacker News
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
Oct 29, 2025Ravie LakshmananVulnerability / Malware Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by t ...
-
CybersecurityNews
Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests
Microsoft has issued a critical security update for ASP.NET Core to address CVE-2025-55315, a high-severity flaw that enables HTTP request smuggling and could allow attackers to bypass key security co ...
-
The Cyber Express
Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11
The Apache Software Foundation has disclosed two new security vulnerabilities affecting multiple versions of Apache Tomcat, warning system administrators to take immediate action. The flaws, identifie ...
-
CybersecurityNews
Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files
Docker Compose, a cornerstone tool for developers managing containerized application harbors a high-severity vulnerability that lets attackers overwrite files anywhere on a host system. Discovered in ...
-
Daily CyberSecurity
CISA KEV Alert: Critical DELMIA Apriso Flaws Under Active Exploitation Allow RCE and Privileged Access
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Dassault Systèmes DELMIA Apriso vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, following confi ...
-
Daily CyberSecurity
Critical IBM Maximo Flaw (CVE-2025-36386, CVSS 9.8) Allows Unauthenticated Bypass to Cognos Analytics
IBM has issued a critical security advisory warning customers of a high-severity vulnerability (CVE-2025-36386, CVSS 9.8) in IBM Maximo Manage, a core component of the IBM Maximo Application Suite (MA ...
-
seclists.org
SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055
Full Disclosure mailing list archives SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055 From: ...
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: "Noor Christensen" <kchr+fd () fripost org> Date: Sun, 26 Oct 2025 16:35:45 +0100 On Thu Oct 2, 2025 at 11:45 PM CEST, josephgoyd via Fulldisclosure wrote: ...
-
Daily CyberSecurity
Docker Compose Path Traversal (CVE-2025-62725) Allows Arbitrary File Overwrite via OCI Artifacts
The Docker Compose project has disclosed a high-severity path traversal vulnerability tracked as CVE-2025-62725 (CVSS v4 8.9), which affects users across Docker Desktop, standalone Compose binaries, C ...