CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
The XML Trap: Critical Struts 2 Flaw CVE-2025-68493 Exposes Data
A new flaw has appeared in the foundation of one of the web’s most popular Java frameworks. Security researchers at ZAST.AI have uncovered an “Important” severity vulnerability in Apache Struts 2, war ...
-
Daily CyberSecurity
CVE-2025-68637: Critical Apache Uniffle Flaw Exposes Clusters to Eavesdropping
A high-severity vulnerability has been unearthed in Apache Uniffle, the remote shuffle service that powers data movement for massive distributed computing engines. Tracked as CVE-2025-68637, the flaw ...
-
Daily CyberSecurity
CVE-2026-22184 (CVSS 9.3): Critical zlib Flaw Opens Door to Global Buffer Overflow
A critical vulnerability has been discovered in zlib, the lossless data-compression engine used on “virtually any computer hardware and operating system.” Tracked as CVE-2026-22184, this global buffer ...
-
Daily CyberSecurity
Unpatched & Exposed: Legacy Vivotek Cameras Broadcast Live Video to All
Owners of legacy Vivotek IP7137 surveillance cameras have been dealt a harsh reality check: their devices are riddled with critical security holes, and no patch is coming to save them. CERT Polska has ...
-
Daily CyberSecurity
Game Over? Critical InputPlumber Flaws Expose Linux Gamers to Hijacking
A utility designed to enhance the Linux gaming experience has been found to harbor critical security vulnerabilities that could allow local attackers to hijack sessions or crash systems. The SUSE Secu ...
-
The Register
Meta admits to Instagram password reset mess, denies data leak
infosec in brief Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information. Last F ...
-
Help Net Security
Week in review: PoC for Trend Micro Apex Central RCE released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Pharma’s most underestimated cyber risk isn’t a breach Chirag Shah, Global Information Security Office ...
-
seclists.org
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Art Manion via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 08 Jan 2026 18:26:44 +0000 Hi, the vulnerabilities are no longer considered eligib ...
-
TheCyberThrone
HPE OneView RCE CVE-2025-37164 Added to CISA KEV
January 11, 2026A critical unauthenticated remote code execution vulnerability in HPE OneView, tracked as CVE-2025-37164, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog due to ...
-
hackread.com
CISA Urges Emergency Patching for Actively Exploited HPE OneView Flaw
If your office uses Hewlett Packard Enterprise (HPE) OneView to manage its servers and networking, you need to check your software version immediately. A major security flaw has been discovered that e ...