PoC Week 2025-11-24

Posted on Nov 24, 2025

The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2025-64446 & CVE-2025-58034

  • Severity: 9.8 CRITICAL
  • Impacted Products: Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11
  • Description: CVE-2025-64446: A relative path traversal vulnerability may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. CVE-2025-58034: Authenticated OS command injection: an authenticated attacker (for example, using an account created by exploiting CVE-2025-64446, which is how the linked PoC chains the two) can execute arbitrary OS commands as root via crafted HTTP requests.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-64446 NVD - CVE-2025-58034
  • PoC: https://github.com/lincemorado97/CVE-2025-64446_CVE-2025-58034/

CVE-2025-62215

CVE-2025-63666

  • Severity: 7.0 HIGH
  • Impacted Products: Tenda AC15 v15.03.05.18_multi
  • Description: The product issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access, or the ability to run JavaScript in a victim's browser, can steal the cookie and replay it to access protected resources.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-63666
  • PoC: https://github.com/Remenis/CVE-2025-63666/

CVE-2025-64459

  • Severity: 9.1 CRITICAL
  • Impacted Products: Django 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8
  • Description: The methods QuerySet.filter(), QuerySet.exclude(), and QuerySet.get(), and the class Q(), are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the _connector argument. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-64459
  • PoC: https://github.com/nunpa/CVE-2025-64459/
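The Django entry above describes an injection that only reaches the ORM when client-controlled keys are `**`-expanded into `filter()`/`exclude()`/`get()` or `Q()`, because those accept private keyword arguments such as `_connector` alongside ordinary field lookups. Upgrading to a patched release is the fix; the block below is an added example (not Django's code and not the linked PoC) of the defence-in-depth check a practitioner would put in front of any such expansion: allowlist the keys before they ever reach the ORM. It is pure Python so it runs without Django installed; the `Article` model, its field names and the request dicts are constructed for the illustration.

```python
"""Allowlist user-supplied ORM filter kwargs before **-expanding them.

Added example, not Django's own code. Demonstrates why
``Article.objects.filter(**request.GET.dict())`` is dangerous on affected
Django versions (CVE-2025-64459) and how to gate the keys first.
"""
import re

# Django's Q()/filter() accept private keyword arguments (_connector,
# _negated) next to field lookups. Nothing starting with "_" may ever
# originate from a client.
ALLOWED_FIELDS = {"title", "author", "published"}          # assumed model fields
ALLOWED_LOOKUPS = {"exact", "iexact", "contains", "icontains", "gte", "lte", "in"}
KEY_RE = re.compile(r"^[A-Za-z0-9_]+$")


class UnsafeFilterKey(ValueError):
    """Raised instead of silently dropping a tampered key."""


def safe_filter_kwargs(params, allowed_fields=ALLOWED_FIELDS,
                       allowed_lookups=ALLOWED_LOOKUPS):
    """Return a dict that is safe to ``**``-expand into QuerySet.filter().

    Rejects private keys (_connector, _negated), keys with characters
    outside [A-Za-z0-9_], unknown fields and unknown lookups. Only one
    lookup level is allowed (``field__lookup``); nested relation lookups
    such as ``author__name__icontains`` are rejected as a conservative
    default and must be added to the allowlist deliberately.
    """
    clean = {}
    for key, value in params.items():
        if not isinstance(key, str) or not KEY_RE.match(key):
            raise UnsafeFilterKey(f"malformed key {key!r}")
        if key.startswith("_"):
            raise UnsafeFilterKey(f"private ORM argument {key!r}")
        field, _, lookup = key.partition("__")
        if field not in allowed_fields:
            raise UnsafeFilterKey(f"unknown field {field!r}")
        if lookup and lookup not in allowed_lookups:
            raise UnsafeFilterKey(f"unknown lookup {lookup!r} on {field!r}")
        clean[key] = value
    return clean


def rejected_key(params):
    """Return the offending key for a hostile dict, or None if it is clean."""
    try:
        safe_filter_kwargs(params)
    except UnsafeFilterKey as exc:
        # Pull the quoted key back out of the message for callers/tests.
        return exc.args[0].split("'")[1]
    return None


# Vulnerable pattern on affected versions (illustrative, do not use):
#     Article.objects.filter(**request.GET.dict())
# Hardened pattern:
#     Article.objects.filter(**safe_filter_kwargs(request.GET.dict()))

if __name__ == "__main__":
    # Constructed request dicts for the demonstration.
    benign = {"title__icontains": "django", "published": "1"}
    hostile = {"_connector": "<attacker controlled>", "title": "x"}
    print("benign ->", safe_filter_kwargs(benign))
    print("hostile rejected on key:", rejected_key(hostile))
```

The allowlist is intentionally explicit rather than a denylist of `_`-prefixed names: a future private argument, or a relation lookup that reaches a field you did not mean to expose, is rejected by default instead of slipping through.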

CVE-2025-63679

CVE-2025-12762

  • Severity: 9.8 CRITICAL
  • Impacted Products: pgAdmin versions up to 9.9
  • Description: Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-12762
  • PoC: https://github.com/B1ack4sh/Blackash-CVE-2025-12762/

CVE-2025-12539

  • Severity: 10.0 CRITICAL
  • Impacted Products: TNC Toolbox plugin for WordPress <= 1.4.2
  • Description: The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.2. This is due to the plugin storing cPanel API credentials (hostname, username, and API key) in files within the web-accessible wp-content directory without adequate protection in the “Tnc_Wp_Toolbox_Settings::save_settings” function. This makes it possible for unauthenticated attackers to retrieve these credentials and use them to interact with the cPanel API, which can lead to arbitrary file uploads, remote code execution, and full compromise of the hosting environment.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-12539
  • PoC: https://github.com/Nxploited/CVE-2025-12539

CVE-2025-12101

  • Severity: 5.9 MEDIUM
  • Impacted Products: NetScaler Gateway
  • Description: Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-12101
  • PoC: https://github.com/6h4ack/CVE-2025-12101-checker/

References

This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections or omissions (e.g. newsletter recommendations), feel free to get in touch.