CVE-2026-35507

Publication date

2026-04-03 01:00:35

Family

mitre

State

PUBLISHED

Description

Shynet before 0.14.0 allows Host header injection in the password reset flow.