ROOT-APP-NPM-CVE-2026-27959 CVE-2026-27959 in @rootio/koa - Patched by Root

Root has patched CVE-2026-27959 in the @rootio/koa package for Root:npm. Multiple fixed versions available...

@akash-aw/aw-wizard-forms (=4.14.0), @alfresco/aca-generators (>=1.0.0 <=1.0.1) +134 more potentially affected by CVE-2026-27959 via koa (>=3.0.0 <=3.1.1)

koa NPM version =3.0.0, =1.0.0, =1.0.0, =0.44.0, =0.0.0-nightly-20260213031600, =0.0.0-nightly-20260317031259, =0.0.0-nightly-20260317031259, =0.0.0-nightly-20260213031600, =2025.12.1, =2.23.0, =0.0.1, =0.20.0, =0.0.5, =2026.1.2, =2.0.0, =2.0.1 and more Source cves: CVE-2026-27959 Source advisory...

@10xsai/cloudflare-router-nx-plugin (=1.0.0), @24hr/content-next (>=1.0.0 <=3.0.17) +1048 more potentially affected by CVE-2026-27959 via koa (>=2.0.0-alpha.3 <=2.16.3)

koa NPM version =2.0.0-alpha.3, =1.0.0, =0.0.4, =3.10.1, =3.7.0, =0.0.1, =0.2.9, =4.25.19-patch.1, =0.0.1, =0.0.1, =0.0.50, =0.0.7, =0.0.94 - @asmv/koa =0.1.0-draft and more Source cves: CVE-2026-27959 Source advisory: SNYK:JS-KOA-15353398...

CVE-2026-27959

creationtimestamp| type| source ---|---|--- 2026-02-26 04:24:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfqe22kw3c26 2026-02-27 02:40:18+00:00| seen| https://gist.github.com/alon710/9c24edd6758ed34c527e00be66673a79 2026-02-28 15:40:09+00:00| seen|...

CVE-2023-27959

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

CVE-2024-27959

CVE-2024-27959 — Affected: WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management. Root cause: Improper neutralization of input during web page generation, enabling a reflected XSS. Affected versions: up to 4.2.9 (n/a through 4.2.9). Status: The vulnerability has been report...

CVE-2023-27959

creationtimestamp| type| source ---|---|--- 2023-05-09 00:38:25+00:00| seen| https://t.me/cibsecurity/63479...

CVE-2023-27959

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-27959

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-27959

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-27959

CVE-2023-27959 affects Apple iOS and iPadOS kernels. The vulnerability could allow an app to execute arbitrary code with kernel privileges due to memory handling issues. Apple’s advisories confirm the fix is implemented in iOS 16.4 and iPadOS 16.4. Affected component: Apple Neural Engine entries ...