Skip to main content
CVE-2025-5555 HIGH This Week

Stack-based buffer overflow in Wincor Nixdorf PORT IO Driver versions up to 1.0.0.1 allows local authenticated attackers with low privileges to achieve arbitrary code execution with kernel-level permissions. The vulnerability exists in the sub_11100 function of the wnport.sys kernel driver's IOCTL handler. Public exploit code is available (CVSS E:P). Vendor has released version 3.0.0.1 to address this issue. EPSS data not available, not listed in CISA KEV, suggesting targeted rather than widespread exploitation despite public POC.

Buffer Overflow
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2025-11361 MEDIUM This Month

Server-Side Request Forgery in Gutenberg Essential Blocks plugin for WordPress allows authenticated attackers with Author-level or higher privileges to make arbitrary web requests originating from the vulnerable server via the eb_save_ai_generated_image function, enabling reconnaissance and manipulation of internal services. Affects all versions up to 5.7.1 with CVSS 6.4 severity; no active KEV status or public exploit code confirmed at time of analysis.

WordPress SSRF
NVD
CVSS 3.1
6.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy