CVE-2026-35507 | milesmcc Shynet up to 0.13.x Password Reset Host less trusted source

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability described as problematic has been identified in milesmcc Shynet up to 0.13.x. This affects an unknown function of the component Password Reset Handler. Executing a manipulation of the argument Host can lead to use of less trusted source.

This vulnerability is handled as CVE-2026-35507. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-35507 | milesmcc Shynet up to 0.13.x Password Reset Host less trusted source

Post correlati

CVE-2024-3368 | All in One SEO Plugin up to 4.6.1.0 on WordPress Post Field cross site scripting

CVE-2024-1804 | Tutor LMS Plugin up to 2.2.0 on WordPress tutor_import_from_xml authorization

CVE-2025-24705 | Arshid WooCommerce Quick View Plugin up to 1.1.1 on WordPress authorization

CVE-2024-37140 | Dell PowerProtect DD prior 8.0 os command injection (dsa-2024-219)