CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
PAN-OS Flaw (CVE-2025-4619) Allows Unauthenticated Firewall Reboot via Single Crafted Packet
Palo Alto Networks has issued a security advisory for a newly discovered denial-of-service (DoS) vulnerability affecting several versions of PAN-OS — the operating system used across PA-Series, VM-Ser ...
-
TheCyberThrone
CISA KEV Catalog Update November 2025
November 13, 2025The following vulnerabilities were recently added to the CISA Known Exploited Vulnerabilities (KEV) catalog and involve WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox pro ...
-
Daily CyberSecurity
High-Severity GitLab XSS Flaw (CVE-2025-11224) Risks Kubernetes Proxy Session Hijacking
GitLab has released a new round of security updates for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities — including a high-severity flaw that could allow s ...
-
Daily CyberSecurity
Critical Dell Data Lakehouse Vulnerability (CVE-2025-46608) Allows Privilege Escalation
Dell has issued a security advisory warning customers of a critical severity vulnerability affecting Dell Data Lakehouse products prior to version 1.6.0.0. Tracked as CVE-2025-46608 and assigned a CVS ...
-
Daily CyberSecurity
Elastic Patches Two Kibana Flaws — SSRF (CVE-2025-37734) and XSS (CVE-2025-59840) Flaws Affect Multiple Versions
Elastic has issued two security advisories addressing two vulnerabilities in Kibana, the visualization and analytics dashboard component of the Elastic Stack, which could enable server-side request fo ...
-
Daily CyberSecurity
CVE-2025-11919: Wolfram Cloud Vulnerability Exposes Users to Privilege Escalation and Remote Code Execution
A newly disclosed vulnerability in Wolfram Cloud version 14.2 — tracked as CVE-2025-11919 — could allow attackers to achieve privilege escalation, information exfiltration, and remote code execution ( ...
-
Daily CyberSecurity
Open WebUI XSS Flaw (CVE-2025-64495) Risks Admin RCE via Malicious Prompts
The developers behind Open WebUI, an open-source and self-hosted AI interface framework, have issued a security advisory disclosing a high-severity vulnerability (CVE-2025-64495, CVSS 8.7) affecting v ...
-
Daily CyberSecurity
CERT/CC Warns of Code Execution Flaws in Lite XL Text Editor (CVE-2025-12120, CVE-2025-12121)
The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting two severe security flaws in Lite XL, a lightweight cross-platform text editor popular among developers for its Lua- ...
-
The Register
Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape
An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief Information Security Officer ...
-
Kaspersky
CVE-2024-12649: vulnerability in the Canon TTF interpreter
These days, attackers probing an organization’s infrastructure rarely come across the luxury of a workstation without an EDR agent, so malicious actors are focusing on compromising servers, or various ...