The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-21413

• Severity: 9.8 CRITICAL
• Impacted Products: Microsoft Outlook
• Description: Microsoft Outlook Remote Code Execution Vulnerability.
• Remediation: Follow Microsoft’s advisories for mitigation or patching strategies.
• More Info: NVD - CVE-2024-21413
• PoC: https://github.com/duy-31/CVE-2024-21413/

CVE-2025-24964

• Severity: Awaiting Analysis
• Impacted Products: Vitest < 1.6.1, < 2.1.9 and < 3.0.5
• Description: Affected versions are subject to arbitrary remote Code Execution when accessing a malicious website while Vitest API server is listening by Cross-site WebSocket hijacking (CSWSH) attacks. When api option is enabled (Vitest UI enables it), Vitest starts a WebSocket server. This WebSocket server did not check Origin header and did not have any authorization mechanism and was vulnerable to CSWSH attacks. This WebSocket server has saveTestFile API that can edit a test file and rerun API that can rerun the tests. An attacker can execute arbitrary code by injecting a code in a test file by the saveTestFile API and then running that file by calling the rerun API. This vulnerability can result in remote code execution for users that are using Vitest serve API.
• Remediation: See developer guidance.
• More Info: NVD - CVE-2025-24964
• PoC: https://github.com/advisories/GHSA-9crc-q9x8-hgqq

CVE-2025-0411

• Severity: HIGH 7.0
• Impacted Products: 7Zip > 24.09
• Description: Allows remote attackers to bypass the Mark-of-the-Web protection mechanism.
• Remediation: See developer guidance.
• More Info: NVD - CVE-2025-0411
• PoC: https://github.com/dhmosfunk/7-Zip-CVE-2025-0411-POC/

CVE-2024-57707

• Severity: HIGH 7.4
• Impacted Products: DataEase v1
• Description: Allows an attacker to execute arbitrary code via the user account and password components.
• Remediation: See developer guidance.
• More Info: NVD - CVE-2024-57707
• PoC: https://github.com/shigophilo/CVE/blob/main/DataEase-v1-code-execute.md

CVE-2024-48445

• Severity: CRITICAL 9.8
• Impacted Products: Compop Online Mall version 3.5.3
• Description: Authentication bypass vulnerability due to mishandling of a unix timestamp.
• Remediation: See developer guidance.
• More Info: NVD - CVE-2024-48445
• PoC: https://packetstorm.news/files/id/188996

CVE-2024-40891

• Severity: 8.8 HIGH
• Impacted Products: DSL CPE Zyxel VMG4325-B10A firmware
• Description: A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-40891
• PoC: https://vulncheck.com/blog/zyxel-telnet-vulns

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.