CVE-2026-35507
CVE-2026-35507 affects Shynet before version 0.14.0. The issue is a Host header injection flaw in the password reset flow, with a CVSS 3.1 base score of 6.4 (Network, High impact on integrity; Low on confidentiality and availability; User interaction required). Root cause is insecure Host header ...