CVE-2026-35508: Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,

Description

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,

Vendor	Product	Versions
milesmcc	shynet	0

Tier C

VulDB4d ago

→ No new info (linked only)

CVSS 3.15.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CISA KEV❌ No

Actively exploited❌ No

Patch available

0.14.0

CWECWE-79

PublishedApr 3, 2026

Last enriched4d agov2

Trending Score13

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Last enriched 4d ago

v2Tier C4d ago

Updated affected versions to 0.13.x, changed severity to HIGH, and noted that there is no available exploit.

affectedVersionsseverity

via VulDB

v14d ago

Initial creation