PoC Week 2025-07-07
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2025-6554
- Severity: 7.5 HIGH
- Impacted Products: Google Chrome prior to 138.0.7204.96
- Description: Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-6554
- PoC: https://github.com/windz3r0day/CVE-2025-6554
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections or omissions (e.g. newsletter recs), feel free to get in touch.