CVEFeed Newsroom – Latest Cybersecurity Updates

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • The Hacker News
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to ...

Published Date: May 14, 2026 (6 hours, 21 minutes ago)
  • CybersecurityNews
Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks

A critical heap buffer overflow vulnerability has been discovered in the source code of NGINX, present since 2008. This vulnerability has been publicly disclosed, along with a working proof-of-concept ...

Published Date: May 14, 2026 (7 hours ago)
  • The Hacker News
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, disc ...

Published Date: May 14, 2026 (7 hours, 27 minutes ago)
  • CybersecurityNews
Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code

A newly disclosed critical vulnerability in MongoDB could allow threat actors to execute arbitrary code, potentially handing them complete control over affected servers and exposing millions of record ...

Published Date: May 14, 2026 (7 hours, 33 minutes ago)
  • CybersecurityNews
The Gentlemen RaaS Leverages Fortinet and Cisco Edge Devices for Initial Access

A ransomware group that only surfaced in mid-2025 has already made a significant mark on the threat landscape. The Gentlemen, a ransomware-as-a-service (RaaS) operation, has quickly risen to become on ...

Published Date: May 14, 2026 (7 hours, 43 minutes ago)
  • Daily CyberSecurity
200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has identified a critical authentication bypass vulnerability in Bu ...

Published Date: May 14, 2026 (11 hours, 26 minutes ago)
  • Daily CyberSecurity
Architectural Breach: AMD Zen 2 Flaw Allows Higher-Privilege Instruction Corruption

In a significant revelation for the hardware security world, AMD has identified a vulnerability targeting its Zen 2-based architecture. The flaw, tracked as CVE-2025-54518, resides deep within the pro ...

Published Date: May 14, 2026 (11 hours, 27 minutes ago)
  • Daily CyberSecurity
GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances

In a major move to secure its DevOps platform, GitLab has released important security versions for both Community Edition (CE) and Enterprise Edition (EE). The updates—18.11.3, 18.10.6, and 18.9.7—add ...

Published Date: May 14, 2026 (11 hours, 48 minutes ago)
  • Daily CyberSecurity
Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data

Ivanti has issued an urgent security update for its Xtraction platform to address a critical vulnerability. Carrying a CVSS score of 9.6, this flaw opens the door to severe data exposure and malicious ...

Published Date: May 14, 2026 (11 hours, 51 minutes ago)
  • Daily CyberSecurity
Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover

Time-series data is the backbone of countless modern applications, from financial tickers to IoT monitoring. However, a newly disclosed vulnerability in MongoDB Server is turning this powerful feature ...

Published Date: May 14, 2026 (12 hours, 18 minutes ago)

Filters

Filter news that are affecting your technology stack
Showing 10 of 11244 Results