CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT ...
-
CybersecurityNews
Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild
An active intrusion is targeting critical authentication bypass vulnerabilities in Fortinet’s FortiGate appliances and related products. Threat actors are exploiting CVE-2025-59718 and CVE-2025-59719 ...
-
seclists.org
[KIS-2025-08] 1C-Bitrix <= 25.100.500 (Translate Module) Remote Code Execution Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Mon, 15 Dec 2025 16:56:09 +0100 ------------------------------------------------------------------------------ 1 ...
-
seclists.org
[KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Mon, 15 Dec 2025 16:54:24 +0100 ----------------------------------------------------------------------------- Bi ...
-
seclists.org
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality
Full Disclosure mailing list archives From: Onur Tezcan via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 15:11:01 +0000 [Attack Vectors] > It was identified Cross-Site Reques ...
-
seclists.org
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality
Full Disclosure mailing list archives From: Onur Tezcan via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 15:07:24 +0000 [Attack Vectors] > It was detected that multiple Store ...
-
seclists.org
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality.
Full Disclosure mailing list archives From: Onur Tezcan via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 15:04:09 +0000 [Attack Vectors] > It was detected that a Stored XSS v ...
-
seclists.org
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area
Full Disclosure mailing list archives From: Onur Tezcan via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 14:37:07 +0000 [Attack Vectors] > It was detected that a Stored XSS v ...
-
seclists.org
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality
Full Disclosure mailing list archives From: Onur Tezcan via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 14:35:08 +0000 [Attack Vectors] > It was detected that a Stored XSS v ...
-
seclists.org
Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Yuffie Kisaragi via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 15 Dec 2025 16:40:14 +0000 UPDATE: The reported vulnerabilities have now been ...