CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Fortinet FortiSandbox — Critical Vulnerability Advisory
April 16, 2026Fortinet published a sweeping security advisory on April 14, 2026, disclosing multiple vulnerabilities across its FortiSandbox platform. Two of the flaws are rated Critical with unauthen ...
-
Daily CyberSecurity
Critical Hardcoded Credential Bug Hits Nexus Repository 3
In the world of DevSecOps, Sonatype Nexus Repository is a cornerstone for managing software artifacts and supply chain security. However, a recently disclosed vulnerability has revealed that the “vaul ...
-
Daily CyberSecurity
Synology DSM Update Fixes High-Severity File Manipulation Flaws
Synology has released an important security update for its DiskStation Manager (DSM) operating system to address a cluster of vulnerabilities that could allow attackers to manipulate files, leak sensi ...
-
Daily CyberSecurity
Critical 9.1 Bypass in OAuth2 Proxy Exposes Upstream Resources
In the world of cloud-native security, OAuth2 Proxy serves as a vital gatekeeper, providing a flexible and open-source way to protect web applications with OAuth2 and OIDC authentication. However, a n ...
-
The Hacker News
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you igno ...
-
Help Net Security
Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)
Two vulnerabilities (CVE-2026-39813, CVE-2026-39808) in FortiSandbox could be leveraged by unauthenticated attackers to bypass authentication and execute unauthorized code or commands on vulnerable sy ...
-
Daily CyberSecurity
CVE-2026-38526: Critical CVSS 10 Vulnerability Discovered in Krayin CRM
A maximum-severity security flaw has been unearthed in Krayin CRM, a popular open-source framework built on Laravel and Vue.js. The vulnerability, tracked as CVE-2026-38526, carries a CVSS score of 10 ...
-
Daily CyberSecurity
CVE-2026-40884: Critical 9.8 Bypass Hits goshs SFTP Servers
In the fast-paced environment of penetration testing and CTF challenges, tools that prioritize speed and ease of use are invaluable. However, a critical security vulnerability has been identified in g ...
-
CybersecurityNews
Critical Cisco ISE Vulnerabilities Let Remote Attackers Execute Malicious Code
Cisco has issued an urgent security advisory warning of multiple vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). According to the official Cisco sec ...
-
The Hacker News
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate an ...