Critical severity9.8NVD Advisory· Published Feb 17, 2026· Updated Apr 15, 2026
CVE-2026-1670
CVE-2026-1670
Description
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.