@agentholdings/agent-passport (=0.1.0), @flomesh/ztm-chat (>=2026.3.25 <=2026.3.26) +10 more potentially affected by CVE-2026-35665 via openclaw (>=0.0.1 <=2026.3.24-beta.2)

openclaw NPM version =0.0.1, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =3.3.2, =3.3.7 Source cves: CVE-2026-35665 Source advisory: OSV:GHSA-W6M8-CQVJ-PG5V...

CVE-2026-35665

creationtimestamp| type| source ---|---|--- 2026-03-30 18:32:03+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-w6m8-cqvj-pg5v 2026-04-10 18:30:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj5xduwea22t...

CVE-2024-35665

Missing Authorization vulnerability in namithjawahar Insert Post Ads.This issue affects Insert Post Ads: from n/a through 1.3.2...

CVE-2024-35665

CVE-2024-35665: Missing Authorization in Insert Post Ads (WordPress plugin) affects version range up to 1.3.2. Public technical details are limited; the vulnerability is described as Missing Authorization with CVSS 5.3 (Network, Low complexity, None privileges, No user interaction, Integrity impa...

CVE-2023-35665

In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35665

In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35665

CVE-2023-35665 describes a local elevation-of-privilege in Android where a missing permission check across multiple files allows importing a contact from another user. The issue enables privilege escalation without additional execution privileges and without user interaction. The connected source...

TerraMaster TOS 4.2.06 or lower - Unauthenticated Remote Code Execution

This module exploits an unauthenticated remote code-execution vulnerability in TerraMaster TOS 4.2.06 and lower via shell metacharacters in the Event parameter at vulnerable endpoint include/makecvs.php during CSV creation. Any unauthenticated user can therefore execute commands on the system und...

CVE-2020-35665

creationtimestamp| type| source ---|---|--- 2023-06-09 23:11:26+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/terramasterunauthrcecve202035665.rb 2024-10-25 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities -...

CVE-2022-35665

creationtimestamp| type| source ---|---|--- 2022-08-11 18:38:24+00:00| seen| https://t.me/cibsecurity/47996...

CVE-2022-35665

CVE-2022-35665 is a Use-After-Free vulnerability in Adobe Acrobat Reader affecting multiple legacy releases (e.g., 22.001.20169 and earlier; 20.005.30362 and earlier; 17.012.30249 and earlier). The underlying issue is a use-after-free in memory management that can lead to arbitrary code execution...

Adobe Acrobat < 17.012.30262 / 20.005.30381 / 22.002.20191 Multiple Vulnerabilities (APSB22-39)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 17.012.30262, 20.005.30381, or 22.002.20191. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 22.001.20169 and earlier, 20.005.30362 and earlier and 17.012.30249 and...

Adobe Acrobat and Reader Use After Free (APSB22-39: CVE-2022-35665)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVE-2021-35665

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion component: Repository. The supported version that is affected is 11.2.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Financial Reporting...

CVE-2021-35665

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion component: Repository. The supported version that is affected is 11.2.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Financial Reporting...

CVE-2021-35665

Oracle Hyperion Financial Reporting (Repository component) is affected in version 11.2.6.0. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the product, with user interaction required, potentially leading to unauthorized update/insert/delete and rea...

CVE-2020-35665

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...

CVE-2020-35665

Summary: CVE-2020-35665 affects TerraMaster TOS 4.2.06 and earlier. An unauthenticated remote code execution is possible via shell metacharacters in the Event parameter processed during CSV creation in include/makecvs.php. The vulnerability allows an attacker to execute commands on the system wit...

CVE-2020-35665

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation...