CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2025-2825: Critical Vulnerability in CrushFTP Exposes Servers to Unauthenticated Access Risk
Admins urged to patch immediately as CrushFTP discloses high-severity flaw impacting versions 10 and 11.A new high-severity vulnerability has been disclosed in CrushFTP, a widely used secure file tran ... Read more
-
Cybersecurity News
Splunk Alert: RCE and Data Leak Vulnerabilities Threaten Platforms
Splunk, a widely used platform for searching, monitoring, and analyzing machine-generated data, has released a security advisory detailing critical vulnerabilities affecting Splunk Enterprise and Splu ... Read more
-
Cybersecurity News
Synapse Servers at Risk: Zero-Day DoS in the Wild
A critical zero-day vulnerability has been discovered in Synapse, an open-source Matrix homeserver implementation. This flaw is actively being exploited in the wild and can lead to a denial-of-service ... Read more
-
Cybersecurity News
CVE-2025-30232: Use-After-Free Vulnerability in Exim Exposes Systems to Privilege Escalation
Exim, a widely used message transfer agent (MTA) for Unix systems, is facing a critical security vulnerability. Tracked as CVE-2025-30232, the flaw is a use-after-free vulnerability that may enable lo ... Read more
-
Cybersecurity News
CISA Flags Active Exploits in Sitecore CMS: CVE-2019-9874 and CVE-2019-9875, PoC Publishes
Two critical vulnerabilities in Sitecore’s anti-CSRF module have re-emerged as active threats, with proof-of-concept exploits in circulation and real-world abuse prompting urgent action from federal a ... Read more
-
Cybersecurity News
Researcher Drops PoC for 9.8 CVSS Ingress-NGINX CVE-2025-1974 Flaw in Kubernetes
A series of critical security vulnerabilities has been discovered in the Ingress-NGINX Controller for Kubernetes, posing a significant risk to Kubernetes deployments. Security researcher Jacob Sandum ... Read more
-
Cybersecurity News
Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches
Multiple critical security vulnerabilities have been identified in the Frappe Framework, a full-stack web framework powering ERPNext and other database-driven applications.Frappe is a versatile, Pytho ... Read more
-
Cybersecurity News
WordPress Plugin CVE-2025-2563 Scores 9.8, Threatens Thousands of Membership Sites
A critical security vulnerability has been discovered in the “User Registration & Membership” WordPress plugin, a popular tool for creating membership websites and registration forms. The flaw, identi ... Read more
-
Cybersecurity News
CryptoLib Vulnerability: Heap Overflow Threatens Space Communications
A critical security vulnerability has been identified in CryptoLib, a C-based software implementation of the CCSDS Space Data Link Security Protocol (SDLS) and SDLS Extended Procedures (SDLS-EP). This ... Read more
-
Cybersecurity News
Mass Reboots and Exploit Attempts Plague DrayTek Routers Across the Globe
Recent reports have highlighted widespread issues with DrayTek routers, including numerous reboots in the UK and Australia, and similar problems in Germany, Vietnam, and other countries. According to ... Read more