285 matches found
CVE-2026-27402
Unauthenticated Cross Site Scripting XSS in Kids Life | Children School WordPress = 5.2 versions...
CVE-2026-27402
CVE-2026-27402 refers to an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress theme set for Kids Life | Children School, affected in versions
CVE-2026-27402 WordPress Kids Life | Children School WordPress theme <= 5.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Kids Life | Children School WordPress = 5.2 versions...
CVE-2025-69156
CVE-2025-69156 details unauthenticated Cross Site Scripting in the WordPress Kids Zone – Children WordPress Theme, affected Versions
PT-2026-54972
Unauthenticated Cross Site Scripting XSS in Kids Life | Children School WordPress = 5.2 versions...
EUVD-2026-40274
The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomyincludechildren' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2026-8141 Ajax Load More - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' Field
The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomyincludechildren' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2026-8141
CVE-2026-8141 affects the WordPress plugin “Ajax Load More - Filters” (v
CVE-2026-9219 Setracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or Identifiers
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily...
Twig: Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points
Description SandboxNodeVisitor enforces SecurityPolicy::checkMethodAllowed for implicit toString calls by wrapping selected AST nodes in CheckToStringNode. The set of wrapped nodes is incomplete, and several Twig language constructs still trigger PHP string coercion on a Stringable operand withou...
GHSA-PR2W-4GPJ-CPQ4 Twig: Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points
Description SandboxNodeVisitor enforces SecurityPolicy::checkMethodAllowed for implicit toString calls by wrapping selected AST nodes in CheckToStringNode. The set of wrapped nodes is incomplete, and several Twig language constructs still trigger PHP string coercion on a Stringable operand withou...
SUSE CVE-2026-46107
In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...
CVE-2026-46107
A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...
EUVD-2026-32866
In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...
UBUNTU-CVE-2026-46107
In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...
CVE-2026-46107
In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...
CVE-2026-46107
In Linux kernel dm-thin, a metadata refcount underflow in rebalance_children has been resolved. If an internal btree node with a single entry is shared (refcount > 1), downgrading the child without updating grandchildren leads to mismatched reference counts and can produce device mapper: space...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an undercounting of reference counts in the metadata of the rebalancechildren function within...
PT-2026-44230
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the rebalance children function within the dm-thin component. When an internal btree node contains a single entry, the system attempts to copy all btree entries from the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: The sumutex should be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cgchildren list and concurrent additions/removals of userdata items through configfs. Th...