CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Multiple Hikvision Vulnerabilities Let Attackers Inject Executable Commands
Hikvision has disclosed three significant security vulnerabilities affecting multiple versions of its HikCentral product suite that could enable attackers to execute malicious commands and gain unauth ...
-
cert.pl
Vulnerabilities in Payload CMS software
Vulnerabilities in Payload CMS software CVE ID CVE-2025-4643 Publication date 29 August 2025 Vendor Payload CMS Product Payload Vulnerable versions All before 3.44.0 Vulnerability type (CWE) Insuffici ...
-
The Hacker News
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates t ...
-
The Hacker News
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems ...
-
Daily CyberSecurity
Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)
The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions of the company’s HikCentral product line. The flaws range from CS ...
-
security.nl
Onderzoeker: sterke afname van het aantal Citrix-systemen op internet
Het aantal Citrix-systemen op internet is de afgelopen jaren sterk afgenomen wat samenhangt met alle misbruikte kwetsbaarheden in het systeem, zo stelt beveiligingsonderzoeker Kevin Beaumont op basis ...
-
CybersecurityNews
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and ...
-
Daily CyberSecurity
NVIDIA Refuses to Pay 15% China Revenue Share Without a Law
Earlier reports suggested that the U.S. government had reached an agreement with NVIDIA and AMD, requiring the two semiconductor giants to surrender 15% of revenue from certain AI chip exports to Chin ...
-
Daily CyberSecurity
CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)
The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its popular open-source telephony platform. Tracked as CVE-2025-57819 with a maximum CVSSv4 sco ...
-
Daily CyberSecurity
CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available
The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0. Tracked as CVE-2025-50979 with a CVSS score of 8.6, the flaw could all ...