CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2026/04/04 4:59 a.m.•1 views

CVE-2026-35507

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.5CVSS5.9AI score0.00016EPSS

Exploits0References1

RedhatCVE•added 2026/04/04 4:59 a.m.•3 views

CVE-2026-35508

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

6.1CVSS5.9AI score0.00032EPSS

Exploits0References1

EUVD•added 2026/04/03 3:31 a.m.•2 views

EUVD-2026-18568

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

5.4CVSS5.9AI score0.00032EPSS

Exploits0References3

EUVD•added 2026/04/03 3:31 a.m.•1 views

EUVD-2026-18566

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.4CVSS5.9AI score0.00016EPSS

Exploits0References3

NVD•added 2026/04/03 2:16 a.m.•0 views

CVE-2026-35507

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.5CVSS0.00016EPSS

Exploits0References2

NVD•added 2026/04/03 2:16 a.m.•1 views

CVE-2026-35508

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

6.1CVSS0.00032EPSS

Exploits0References2

ATTACKERKB•added 2026/04/03 1:13 a.m.•2 views

CVE-2026-35508

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

5.4CVSS5.9AI score0.00032EPSS

Exploits0References3

CVE•added 2026/04/03 1:13 a.m.•6 views

CVE-2026-35508

CVE-2026-35508 affects Shynet prior to version 0.14.0. The vulnerability is an XSS in the urldisplay and iconify template filters, caused by improper handling in the template rendering paths. The CVSS3.1 vector (AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N) yields a base score of 5.4 (Medium) with network...

6.1CVSS5.9AI score0.00032EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/04/03 1:13 a.m.•13 views

CVE-2026-35508

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

5.4CVSS0.00032EPSS

Exploits0References2

Vulnrichment•added 2026/04/03 1:13 a.m.•1 views

CVE-2026-35508

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...

5.4CVSS5.9AI score0.00032EPSS

Exploits0References2

Vulnrichment•added 2026/04/03 1:0 a.m.•0 views

CVE-2026-35507

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.4CVSS5.9AI score0.00016EPSS

Exploits0References2

ATTACKERKB•added 2026/04/03 1:0 a.m.•0 views

CVE-2026-35507

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.4CVSS5.9AI score0.00016EPSS

Exploits0References3

CVE•added 2026/04/03 1:0 a.m.•3 views

CVE-2026-35507

CVE-2026-35507 affects Shynet before version 0.14.0. The issue is a Host header injection flaw in the password reset flow, with a CVSS 3.1 base score of 6.4 (Network, High impact on integrity; Low on confidentiality and availability; User interaction required). Root cause is insecure Host header ...

6.5CVSS5.9AI score0.00016EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/04/03 1:0 a.m.•12 views

CVE-2026-35507

Shynet before 0.14.0 allows Host header injection in the password reset flow...

6.4CVSS0.00016EPSS

Exploits0References2

CNNVD•added 2026/04/03 12:0 a.m.•2 views

shynet 跨站脚本漏洞

Shynet is a self-hosted website analysis tool developed by R. Miles McCain. Versions of Shynet prior to 0.14.0 contained a cross-site scripting vulnerability, which originated from the urldisplay and iconify template filters having cross-site scripts...

6.1CVSS5.7AI score0.00032EPSS

Exploits0References2

CNNVD•added 2026/04/03 12:0 a.m.•2 views

shynet 安全漏洞

Shynet is a self-hosted website analysis tool developed by R. Miles McCain. Versions of Shynet prior to 0.14.0 contained security vulnerabilities, which were caused by a header injection vulnerability in the password reset process...

6.5CVSS5.8AI score0.00016EPSS

Exploits0References2