CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers CVE ID CVE-2025-12386 Publication date 27 January 2026 Vendor Pix-Link Product LV-WR21Q Vulnerable versions V108_108 Vulnerability type (CWE) M ...
-
The Hacker News
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could result in remote code execution. The vulnerabili ...
-
The Register
Office zero-day exploited in the wild forces Microsoft OOB patch
Microsoft has issued an emergency Office patch after confirming a zero-day flaw is already being used in real world attacks. The flaw, tracked as CVE-2026-21509, and slapped with a CVSS score of 7.8, ...
-
CybersecurityNews
WD Discovery Desktop App for Windows Vulnerability Enables Arbitrary Code Execution
A serious security vulnerability in Western Digital’s WD Discovery desktop application has been disclosed, potentially allowing attackers to execute arbitrary code on Windows systems. The flaw, tracke ...
-
The Cyber Express
CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog, confirming tha ...
-
Help Net Security
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild ...
-
The Hacker News
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environ ...
-
CybersecurityNews
Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle files. ...
-
CybersecurityNews
Multiple Vulnerabilities in React Server Components Enable DoS Attacks
Multiple critical security vulnerabilities have recently been disclosed in React Server Components, enabling threat actors to launch Denial-of-Service (DoS) attacks against vulnerable servers. The fla ...
-
security.nl
Microsoft rolt noodpatch uit voor actief aangevallen kwetsbaarheid in Office
Microsoft heeft een noodpatch uitgerold voor een actief aangevallen kwetsbaarheid in Office waardoor aanvallers beveiligingsfuncties lokaal kunnen omzeilen, wat in het ergste geval tot het uitvoeren v ...