Communications of the ACM

Exposing Common Vulnerabilities

Common vulnerabilities and exposures (CVEs) include all types of subversive entry-points discovered in programs, along with a ...
Security Boulevard

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.Key takeaways:MongoBleed is a ...
Security Boulevard

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

A zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild in a chained attack with CVE-2025-23006.Key takeaways:CVE-2025-40602 is a local privilege ...

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...
Mobile ID World

CVE-2025-14733 in WatchGuard Firebox Fireware OS Lands on KEV List

WatchGuard Firebox appliances running Fireware OS are the subject of multiple government and vendor advisories after disclosure of a critical vulnerability tracked as CVE-2025-14733. The Canadian ...

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...
Krebs on Security

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally ...
Infosecurity-magazine.com

NVD Revamps Operations as Vulnerability Reporting Surges

After a tumultuous year marked by internal turmoil and a mounting vulnerability backlog, the National Vulnerability Database (NVD) team within the US National Institute of Standards and Technology ...