The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them. Follow links with caution.

CVE-2025-69286 NEW

• Severity: 8.1 HIGH
• Impacted Products: RAGFlow, versions prior to 0.22.0
• Description: RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key and beta (assistant/agent share auth) token generation process allows these tokens to be mutually derivable. Specifically, both tokens are generated using the same URLSafeTimedSerializer with predictable inputs, enabling an unauthorized user who obtains the shared assistant/agent URL to derive the personal API key.
• Remediation:
  • https://github.com/infiniflow/ragflow/commit/a3bb4aadcc3494fb27f2a9933b4c46df8eb532e6
• More Info: NVD - CVE-2025-69286
• PoC:
  • https://github.com/infiniflow/ragflow/security/advisories/GHSA-9j5g-g4xm-57w7

CVE-2025-68926 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: RustFS versions prior to 1.0.0-alpha.77
• Description: RustFS is affected by a hard-coded credentials vulnerability within its gRPC authentication mechanism that allows for a complete security bypass. This flaw enables remote attackers to authenticate to the system using a publicly available static token.
• Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
• More Info: NVD - CVE-2025-68926
• PoC:
  • https://github.com/Chocapikk/CVE-2025-68926
  • https://github.com/Arcueld/CVE-2025-68926

CVE-2025-65212 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: NJHYST HY511 POE core before 2.1, plugins before 0.1
• Description: An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerability stems from the device’s insufficient cookie verification, allowing an attacker to directly request the configuration file address and download the core configuration file without logging into the device management backend.
• Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
• More Info: NVD - CVE-2025-65212
• PoC:
  • https://github.com/a2148001284/test1/blob/main/%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE%E5%90%8E%E5%8F%B0%E6%BC%8F%E6%B4%9EEN.md

CVE-2025-50343 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: matio 1.5.28
• Description: An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption.
• Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
• More Info: NVD - CVE-2025-50343
• PoC:
  • https://github.com/zakkanijia/POC/blob/main/matio/CVE-2025-50343/matio.md

CVE-2025-14998 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: Branda plugin for WordPress, 3.4.24
• Description: The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.24. This is due to the plugin not properly validating a user’s identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user’s passwords, including administrators, and leverage that to gain access to their account.
• Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
• More Info: NVD - CVE-2025-14998
• PoC:
  • https://github.com/KTN1990/CVE-2025-14998

CVE-2025-14847

• Severity: 8.6 HIGH
• Impacted Products: MongoDB Server
• Description: MongoDB Server is affected by an information disclosure vulnerability due to improper handling of length parameters in Zlib compressed protocol headers. This flaw allows an unauthenticated remote client to read uninitialized heap memory from the server.
• Remediation:
  • [SERVER-115508] Make minimally sized buffers for uncompressed Messages - MongoDB Jira
• More Info: NVD - CVE-2025-14847
• PoC:
  • https://github.com/NoNameError/MongoBLEED---CVE-2025-14847-POC-
  • https://github.com/Ashwesker/Ashwesker-CVE-2025-14847/blob/main/CVE-2025-14847.py
  • https://github.com/ProbiusOfficial/CVE-2025-14847

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.