CVE-2026-35543

The CVE affects Roundcube Webmail versions before 1.5.14 and 1.6.14. The issue allows bypassing the remote image blocking feature via SVG content (with animate attributes) in an e-mail message, which can lead to information disclosure or an access-control bypass. Remediation details documented in...

EUVD-2026-18104

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVE-2026-32928

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVE-2026-32928

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVE-2026-32928

The CVE-2026-32928 entry affects FUJI Electric V-SFT (versions 6.2.10.0 and earlier). The root cause is a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem when processing a crafted V7 file. Impact per the sources is potential arbitrary code execution on the affected produc...

CVE-2026-32928

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVE-2026-32928

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

PT-2026-29649

CVE-2026-32928 V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData:: conv AnimationItem. Opening a crafted V7 file may lead to arbitrary … https://t.co/R460FJw3tQ...

Fuji Electric V-SFT 安全漏洞

Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a stack buffer overflow in the VS6ComFile!CSaveData::convAnimationItem...

Malicious Package

Overview tailwind-animationbasis is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

PT-2026-35858

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue exists in Animation, which allows a remote attacker to execute arbitrary code inside a sandbox by utilizing a crafted HTML page. Use after free is a memory...

WordPress plugin Greenshift - animation and page builder blocks information disclosure vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Greenshift - animation a...

Malicious code in tailwind-mainanimation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64236873269f6da90599a0e0136ce22979e4bbfd8103cf4850e42c1179ae6cb5 The package tailwind-mainanimation was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview tailwindcss-animation-advanced is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

MAL-2026-1401 Malicious code in tailwindcss-animation-advanced (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ce5cca16e60f9958f552f1a26e24d39638ac246580074b3125b8867e9769f3b The package tailwindcss-animation-advanced was found to contain malicious code. Source: ghsa-malware...

Malicious code in tailwindcss-animation-advanced (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ce5cca16e60f9958f552f1a26e24d39638ac246580074b3125b8867e9769f3b The package tailwindcss-animation-advanced was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview tailwind-mainanimation is a malicious package. Upon installation, it silently injects obfuscated JavaScript into the end of legitimate project configuration files like tailwind.config.js. To evade detection, the malware rewrites git history, forging timestamps so the malicious commit...

EUVD-2026-10893

SiYuan has a SVG Sanitizer Bypass via Element — Unauthenticated XSS...

CVE-2026-31807

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements , , and removes on event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements , which can dynamically set attributes to dangero...

PT-2026-24462

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.5.10 Description SiYuan is a personal knowledge management system. The SVG sanitizer SanitizeSVG in versions prior to 3.5.10 does not block SVG animation elements , , allowing attackers to dynamically set attributes ...