CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Warns of Microsoft Exchange Server Vulnerability Exploited in Attacks
CISA has issued a fresh warning about a newly disclosed Microsoft Exchange Server vulnerability that is already being exploited in real-world attacks, raising concerns for organizations relying on on- ...
-
CybersecurityNews
1 Million WordPress Sites Affected by Avada Builder File Read and SQL Injection Flaws
A widely used WordPress plugin powering over one million websites has been hit by two serious vulnerabilities that could allow attackers to steal sensitive data and access server files. Security resea ...
-
CybersecurityNews
New Windows ‘MiniPlasma’ Zero-Day Let Attackers Gain SYSTEM Access – PoC Released
A critical Windows privilege escalation zero-day vulnerability dubbed “MiniPlasma” has emerged with a public proof-of-concept exploit that allows attackers to achieve SYSTEM-level privileges on fully ...
-
The Hacker News
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw ...
-
CybersecurityNews
Critical WordPress Plugin Vulnerability Exposes Websites to Authentication Bypass Attacks
A critical vulnerability in a widely used WordPress plugin has exposed over 200,000 websites to full account takeover, raising urgent concerns across the security community. Discovered on May 8, 2026, ...
-
TheCyberThrone
CVE-2026-42945 — NGINX Heap Buffer Overflow RCE
CVE: CVE-2026-42945CVSS: 9.2 — CriticalVendor: NGINX / F5Affected Versions: 0.6.27 through 1.30.0Vulnerability Type: Heap Buffer OverflowImpact: Unauthenticated Remote Code ExecutionPoC Available: Yes ...
-
The Hacker News
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked ...
-
CybersecurityNews
Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities
Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap memory or to execute denial-of-service attacks via specially crafted JPEG fi ...
-
CybersecurityNews
Linux Kernel Vulnerability “ssh-keysign-pwn” Lets Attackers Read SSH Keys and Shadow Passwords
A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password ...
-
CybersecurityNews
Google Project Zero Discloses Zero-Click Exploit Chain for Pixel 10 Devices
A newly disclosed zero-click exploit chain targeting Google Pixel 10 devices has raised fresh concerns about Android’s low-level security. Google Project Zero researchers demonstrated how attackers co ...