Vulnerability in Password Manager
CVE-2026-10836
Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted requests. A successful exploit could result in the generation of manipulated links or responses, potentially…
Affected products
- Password Manager — versions 0, 08/07/2025
Weakness classification (CWE)
References
- cve-coordination@incibe.es (patch)