@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +21 more potentially affected by CVE-2026-43577 via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-43577 Source advisory: SNYK:JS-OPENCLAW-16438147...

CVE-2026-43577

OpenClaw is affected by a file-read vulnerability prior to version 2026.4.9. The issue allows an attacker to bypass navigation guards via browser act/evaluate interactions, pivot into the local CDP origin, and create or read disallowed file:// pages despite navigation policy restrictions. Impact ...

CVE-2025-43577

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-43577

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-43577 Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-43577

CVE-2025-43577 affects Adobe Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier. The described issue is a Use After Free vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a mal...

CVE-2025-43577 Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2021-43577

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Oct-3 2024)

Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-43577

creationtimestamp| type| source ---|---|--- 2024-10-19 02:06:50+00:00| seen| https://t.me/cvedetector/8346 2025-01-23 02:02:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2686 2025-06-16 03:35:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18395...

CVE-2024-43577

Microsoft Edge Chromium-based Spoofing Vulnerability...

CVE-2024-43577 Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

CVE-2023-43577

creationtimestamp| type| source ---|---|--- 2024-01-04 13:07:35+00:00| seen| https://t.me/arpsyndicate/2461...

CVE-2023-43577

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code...

CVE-2023-43577

CVE-2023-43577 concerns a buffer overflow in the ReFlash module of some Lenovo Desktop products, allowing a local attacker with elevated privileges to execute arbitrary code. The vulnerability is described across multiple sources as a local-privilege-elevation issue affecting Lenovo Desktops; exa...

CVE-2021-43577

creationtimestamp| type| source ---|---|--- 2021-11-12 14:38:53+00:00| seen| https://t.me/cibsecurity/32299...

CVE-2021-43577

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2021-43577

Summary: Jenkins OWASP Dependency-Check Plugin (version 5.1.1 and earlier) suffers an XXE flaw because its XML parser is not configured to block external entities. Impact (as described): a crafted XML file could cause Jenkins to parse external entities, enabling potential exposure of secrets and,...

CVE-2021-43577

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...