The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2025-3248

• Severity: 9.8 CRITICAL
• Impacted Products: Langflow versions prior to 1.3.0
• Description: Code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
• Remediation: Follow developer advice.
• More Info: NVD - CVE-2025-3248
• PoC: https://github.com/langflow-ai/langflow/blob/1.2.0/src/backend/base/langflow/utils/validate.py

N.B. this poc links to the vulnerable code, exploit code to add as I find it.

CVE-2025-2945

• Severity: 9.9 CRITICAL
• Impacted Products: pgAdmin 4 (Query Tool and Cloud Deployment modules)
• Description: The vulnerability is associated with the 2 POST endpoints; /sqleditor/query_tool/download, where the query_commited parameter and /cloud/deploy endpoint, where the high_availability parameter is unsafely passed to the Python eval() function, allowing arbitrary code execution. This issue affects pgAdmin 4: before 9.2.
• Remediation: Follow developer advice.
• More Info: NVD - CVE-2025-2945
• PoC: https://github.com/pyozzi-toss/poc/

CVE-2025-29062 & CVE-2025-2945

• Severity: 9.9 CRITICAL
• Impacted Products: BL-AC2100 V1.0.4 and before
• Description: Arbitrary code execution via the enable parameter passed to /goform/set_hidessid_cfg and set_LimitClient_cfg.
• Remediation: Follow developer advice.
• More Info: NVD - CVE-2025-29062 NVD - CVE-2025-2945
• PoCs: https://www.yuque.com/jichujiliangdanwei/vwbq9e/grfgkm2kvk6btwbp# https://www.yuque.com/jichujiliangdanwei/vwbq9e/ux1426h170rhgfn7#

CVE-2025-28146

• Severity: 9.8 CRITICAL
• Impacted Products: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15
• Description: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel
• Remediation: Follow developer advice.
• More Info: NVD - CVE-2025-28146
• PoC: https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/3

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.