CVE-2026-35646

creationtimestamp| type| source ---|---|--- 2026-04-09 22:24:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3ty7lp232t...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-35646 via openclaw (>=0.0.1 <=2026.3.24)

openclaw NPM version =0.0.1, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =3.3.2, =3.3.7 Source cves: CVE-2026-35646 Source advisory: OSV:GHSA-MF5G-6R6F-GHHM...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +10 more potentially affected by CVE-2026-35646 via openclaw (>=2026.3.22 <=2026.3.24)

openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 Source cves: CVE-2026-35646 Source advisory: SNYK:JS-OPENCLAW-15812232...

CVE-2022-35646

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

EUVD-2025-35646

Not used...

MAL-2025-35646 Malicious code in test-mlw2-lamer-usure (npm)

The package test-mlw2-lamer-usure was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2021-35646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily...

CVE-2024-35646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erez Hadas-Sonnenschein Smartarget Message Bar smartarget-message-bar.This issue affects Smartarget Message Bar: from n/a through = 1.5...

Security Bulletin: Security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager Software component (CVE-2022-35646)

Summary IBM Security Verify Governance, Identity Manager Software component has addressed the following vulnerability: An authenticated user may be able modify or cancel any other user's access request. Vulnerability Details CVEID:CVE-2022-35646 DESCRIPTION: IBM Security Verify Governance, Identi...

CVE-2024-35646

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erez Hadas-Sonnenschein Smartarget Message Bar smartarget-message-bar.This issue affects Smartarget Message Bar: from n/a through = 1.5...

CVE-2024-35646 WordPress Smartarget Message Bar plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Erez Hadas-Sonnenschein Smartarget Message Bar smartarget-message-bar.This issue affects Smartarget Message Bar: from n/a through = 1.5...

CVE-2024-35646

CVE-2024-35646 refers to a stored XSS vulnerability in the WordPress plugin Smartarget Message Bar. The available sources identify the issue as improper input neutralization during web page generation, allowing stored Cross‑Site Scripting for authenticated users (admin+). Affected versions are li...

WordPress Smartarget Message Bar Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software Smartarget Message Bar Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35646 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8e4c1da011ed Credits Rayhan Ramdhany Hanaputra Required...

Rocky Linux 8 : mysql:8.0 (RLSA-2022:7119)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7119 advisory. mysql: Server: DML multiple unspecified vulnerabilities CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413...

CVE-2023-35646

creationtimestamp| type| source ---|---|--- 2023-10-12 00:18:03+00:00| seen| https://t.me/cibsecurity/72159...

CVE-2023-35646

In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35646

CVE-2023-35646 is documented in multiple sources as a stack buffer overflow in TBD components with missing bounds checks, enabling remote code execution without user interaction. In the Pixel security bulletin, this issue is mapped to the Shannon baseband on Google Pixel devices, classified as RC...

CVE-2022-35646

creationtimestamp| type| source ---|---|--- 2022-12-22 22:27:08+00:00| seen| https://t.me/cibsecurity/55171...

CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

RHEL 8 : mysql:8.0 (RHSA-2022:7119)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7119 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...