CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Massive Rainbow Six Siege breach gives players billions of credits
Ubisoft's Rainbow Six Siege (R6) suffered a breach that allowed hackers to abuse internal systems to ban and unban players, manipulate in-game moderation feeds, and grant massive amounts of in-game cu ...
-
seclists.org
[KIS-2025-14] PKP-WAL <= 3.5.0-1 Login Cross-Site Request Forgery Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 23 Dec 2025 12:20:56 +0100 ----------------------------------------------------------------- PKP-WAL <= 3.5 ...
-
seclists.org
[KIS-2025-13] PKP-WAL <= 3.5.0-3 (X-Forwarded-Host) LESS Code Injection Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 23 Dec 2025 12:20:01 +0100 ----------------------------------------------------------------------- PKP-WAL ...
-
seclists.org
[KIS-2025-12] PKP-WAL <= 3.5.0-1 (baseColour) LESS Code Injection Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 23 Dec 2025 12:19:02 +0100 ----------------------------------------------------------------- PKP-WAL <= 3.5 ...
-
seclists.org
[KIS-2025-11] Open Journal Systems <= 3.5.0-1 (NativeXmlIssueGalleyFilter.php) Path Traversal Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 23 Dec 2025 12:18:17 +0100 -------------------------------------------------------------------------------- ...
-
seclists.org
[KIS-2025-10] PKP-WAL <= 3.5.0-1 (Institution Collector) SQL Injection Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 23 Dec 2025 12:17:34 +0100 ---------------------------------------------------------------------- PKP-WAL < ...
-
CybersecurityNews
87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released
A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed “MongoBleed” due to its automated similarities to the ...
-
security.nl
NCSC verwacht op korte termijn misbruik van MongoDB-kwetsbaarheid
Het Nationaal Cyber Security Centrum (NCSC) verwacht dat aanvallers op korte termijn misbruik zullen maken van een kwetsbaarheid in MongoDB waarvoor een aantal dagen geleden een beveiligingsupdate ver ...
-
CybersecurityNews
Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data
A proof-of-concept (PoC) exploit dubbed “mongobleed” for CVE-2025-14847, a critical unauthenticated memory leak vulnerability in MongoDB’s zlib decompression handling. Dubbed by its creator Joe Desimo ...
-
TheCyberThrone
CVE-2025-14847 affecting MongoDB
December 27, 2025CVE-2025-14847 exposes MongoDB Server to unauthenticated remote attacks through malformed zlib-compressed protocol headers, leaking uninitialized heap memory on port 27017. This high- ...