CVE-2026-35508: Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,

Description

Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,

Vendor	Product	Versions
milesmcc	shynet	0, 0.13.x

Tier C

VulDB2h ago

→ No new info (linked only)

CVSS 3.15.4 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CISA KEV❌ No

Actively exploited❌ No

Patch available

0.14.0

CWECWE-79

PublishedApr 3, 2026

Last enriched2h agov2

Trending Score28

Source articles2

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Last enriched 2h ago

v2Tier C2h ago

Updated affected versions to 0.13.x, changed severity to HIGH, and noted that there is no available exploit.

affectedVersionsseverity

via VulDB

v15h ago

Initial creation