CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in Responsive FileManager software
Vulnerability in Responsive FileManager software CVE ID CVE-2026-5482 Publication date 15 June 2026 Vendor Tecrail Product Responsive FileManager Vulnerable versions All through 9.14.0 Vulnerability t ...
-
cert.pl
Vulnerability in Quick.CMS software
Vulnerability in Quick.CMS software CVE ID CVE-2026-11860 Publication date 15 June 2026 Vendor OpenSolution Product Quick.CMS Vulnerable versions All through 6.8 until patch published on 14.05.2026 Vu ...
-
The Hacker News
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site adminis ...
-
The Cyber Express
Splunk Urges Immediate Patching of Critical Flaw Enabling Arbitrary File Operations
A newly disclosed security vulnerability in Splunk Enterprise has prompted urgent patching efforts after researchers revealed that the flaw could allow unauthenticated attackers to perform arbitrary f ...
-
The Hacker News
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portal ...
-
TheCyberThrone
CVE-2026-20253 — Splunk Enterprise Unauthenticated RCE
Severity: CriticalCVSS v3.1 Score: 9.8CWE: CWE-306 — Missing Authentication for Critical FunctionVendor Advisory: SVD-2026-0603What Is VulnerableCVE-2026-20253 affects Splunk Enterprise versions below ...
-
The Hacker News
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vul ...
-
Ars Technica
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
“While several organizations successfully blocked the activity or remediated the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters DLS,” Mand ...
-
The Hacker News
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Ve ...
-
The Hacker News
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ...