CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical React Router Vulnerability Let Attackers Access or Modify Server Files
Security researchers have identified critical vulnerabilities in React Router that allow attackers to access or modify server files via directory traversal. The flaws affect multiple packages within t ...
-
CybersecurityNews
Critical InputPlumber Vulnerabilities Allows UI Input Injection and Denial-of-Service
Critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, could allow attackers to inject UI inputs and cause denial-of-service conditions on affected systems. The SUSE r ...
-
Daily CyberSecurity
Critical React Router Flaws: CVE-2025-61686 Exposes Server Files
Developers relying on the popular React Router library are being urged to patch their applications immediately following the disclosure of multiple high-severity vulnerabilities. The flaws, ranging fr ...
-
Daily CyberSecurity
The XML Trap: Critical Struts 2 Flaw CVE-2025-68493 Exposes Data
A new flaw has appeared in the foundation of one of the web’s most popular Java frameworks. Security researchers at ZAST.AI have uncovered an “Important” severity vulnerability in Apache Struts 2, war ...
-
Daily CyberSecurity
CVE-2025-68637: Critical Apache Uniffle Flaw Exposes Clusters to Eavesdropping
A high-severity vulnerability has been unearthed in Apache Uniffle, the remote shuffle service that powers data movement for massive distributed computing engines. Tracked as CVE-2025-68637, the flaw ...
-
Daily CyberSecurity
CVE-2026-22184 (CVSS 9.3): Critical zlib Flaw Opens Door to Global Buffer Overflow
A critical vulnerability has been discovered in zlib, the lossless data-compression engine used on “virtually any computer hardware and operating system.” Tracked as CVE-2026-22184, this global buffer ...
-
Daily CyberSecurity
Unpatched & Exposed: Legacy Vivotek Cameras Broadcast Live Video to All
Owners of legacy Vivotek IP7137 surveillance cameras have been dealt a harsh reality check: their devices are riddled with critical security holes, and no patch is coming to save them. CERT Polska has ...
-
Daily CyberSecurity
Game Over? Critical InputPlumber Flaws Expose Linux Gamers to Hijacking
A utility designed to enhance the Linux gaming experience has been found to harbor critical security vulnerabilities that could allow local attackers to hijack sessions or crash systems. The SUSE Secu ...
-
The Register
Meta admits to Instagram password reset mess, denies data leak
infosec in brief Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information. Last F ...
-
Help Net Security
Week in review: PoC for Trend Micro Apex Central RCE released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Pharma’s most underestimated cyber risk isn’t a breach Chirag Shah, Global Information Security Office ...