CVE-2026-10836

Vulnerability Description

Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted requests. A successful exploit could result in the generation of manipulated links or responses, potentially leading to limited information disclosure or compromising the integrity of dependent services.

Vulnerability Details

Published Date

June 17, 2026

Last Modified

June 17, 2026

CWE ID

CWE-644

Source

NVD

Vendor

Password Manager

Product

Password Manager

External References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-password-manager

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment