EUVD-2025-210103

The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. Th...

PT-2026-48374

The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. Th...

WordPress plugin Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress Animation Addons for Elementor plugin <= 2.6.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zer0gh0st in WordPress Plugin Animation Addons for Elementor versions = 2.6.8...

SUSE CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10992

An insufficient data validation flaw was found in the Animation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493534964...

CVE-2026-8872

The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes in the...

Chromium: CVE-2026-10992 Insufficient data validation in Animation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-34441

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10992

CVE-2026-10992 affects Google Chrome (Chromium-based) prior to 149.0.7827.53, where insufficient data validation in the Animation component may allow a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. The vulnerability is linked to the Chrom...

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability caused by a stack-based buffer overflow, which could lea...

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient data validation in the Animation component, which could allow remote attackers to obtain sensitive information...

CVE-2026-0036

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Malicious Package

Overview tailwindcss-basic-animation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in tailwindcss-basic-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa0cc72271b87587b2d58ff45625dfa9df9f8e4547b68096d359757e68b8946f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...