CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
High-Severity GitLab XSS Flaw (CVE-2025-11224) Risks Kubernetes Proxy Session Hijacking
GitLab has released a new round of security updates for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities — including a high-severity flaw that could allow s ...
-
Daily CyberSecurity
Critical Dell Data Lakehouse Vulnerability (CVE-2025-46608) Allows Privilege Escalation
Dell has issued a security advisory warning customers of a critical severity vulnerability affecting Dell Data Lakehouse products prior to version 1.6.0.0. Tracked as CVE-2025-46608 and assigned a CVS ...
-
Daily CyberSecurity
Elastic Patches Two Kibana Flaws — SSRF (CVE-2025-37734) and XSS (CVE-2025-59840) Flaws Affect Multiple Versions
Elastic has issued two security advisories addressing two vulnerabilities in Kibana, the visualization and analytics dashboard component of the Elastic Stack, which could enable server-side request fo ...
-
Daily CyberSecurity
CVE-2025-11919: Wolfram Cloud Vulnerability Exposes Users to Privilege Escalation and Remote Code Execution
A newly disclosed vulnerability in Wolfram Cloud version 14.2 — tracked as CVE-2025-11919 — could allow attackers to achieve privilege escalation, information exfiltration, and remote code execution ( ...
-
Daily CyberSecurity
Open WebUI XSS Flaw (CVE-2025-64495) Risks Admin RCE via Malicious Prompts
The developers behind Open WebUI, an open-source and self-hosted AI interface framework, have issued a security advisory disclosing a high-severity vulnerability (CVE-2025-64495, CVSS 8.7) affecting v ...
-
Daily CyberSecurity
CERT/CC Warns of Code Execution Flaws in Lite XL Text Editor (CVE-2025-12120, CVE-2025-12121)
The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting two severe security flaws in Lite XL, a lightweight cross-platform text editor popular among developers for its Lua- ...
-
The Register
Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape
An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief Information Security Officer ...
-
Kaspersky
CVE-2024-12649: vulnerability in the Canon TTF interpreter
These days, attackers probing an organization’s infrastructure rarely come across the luxury of a workstation without an EDR agent, so malicious actors are focusing on compromising servers, or various ...
-
CybersecurityNews
Citrix NetScaler ADC and Gateway Vulnerability Enables Cross-Site Scripting Attacks
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway products. Tracked as CVE-2025-12101, the flaw allows attackers to inject mal ...
-
CybersecurityNews
Beware of Malicious Steam Cleanup Tool Attack Windows Machines to Deploy Backdoor Malware
A sophisticated backdoor malware campaign has emerged targeting Windows users through a weaponized version of SteamCleaner, a legitimate open-source utility designed to clean junk files from the Steam ...