LeakyCreds

CVE-2026-40905 - Vulnerability Analysis

Severity: High | CVSS: 8.1

Last Updated: April 21, 2026

LinkAce - Authentication Bypass

Published: April 21, 2026
Updated: April 21, 2026
Remote Exploitable

Overview

LinkAce before 2.5.4 contains a password reset poisoning vulnerability caused by improper trust of the user-controlled X-Forwarded-Host header. Because the host of the generated password reset link is taken from that header, an attacker can inject a malicious domain into the reset link, capture the reset token when the link is followed, and take over the account. Exploitation requires the victim to click the poisoned reset link.
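As an added illustration (this is not LinkAce's code; the application URL, proxy address and host names are constructed), the pattern the advisory describes is shown beside a hardened reset-link builder that derives the link's host from the configured application URL and only treats X-Forwarded-Host as legitimate when it arrives from a known proxy and names an allowed host:

```python
from urllib.parse import urlencode, urlsplit

# Constructed deployment settings (assumed, not from the advisory).
APP_URL = "https://links.example.internal"
TRUSTED_PROXIES = {"10.0.0.5"}          # reverse proxies allowed to set forwarded headers
ALLOWED_HOSTS = {"links.example.internal"}


def first_forwarded_host(headers: dict) -> str:
    """X-Forwarded-Host may carry a comma-separated chain; the first entry is the
    client-facing host. Normalised to lower case, empty string when absent."""
    return headers.get("X-Forwarded-Host", "").split(",")[0].strip().lower()


def vulnerable_reset_link(headers: dict, token: str) -> str:
    """The pattern the advisory describes: the reset link's host comes straight from
    the client-controlled header, so the link (and its token) can point anywhere."""
    host = first_forwarded_host(headers) or headers.get("Host", "")
    return f"https://{host}/password/reset?{urlencode({'token': token})}"


def forwarded_host_is_trusted(headers: dict, peer_ip: str) -> bool:
    """True when there is no forwarded host to distrust, or when it was set by a
    trusted proxy and names a host this deployment actually serves."""
    forwarded = first_forwarded_host(headers)
    if not forwarded:
        return True
    return peer_ip in TRUSTED_PROXIES and forwarded in ALLOWED_HOSTS


def hardened_reset_link(headers: dict, token: str, peer_ip: str) -> str:
    """Always build the link from the configured APP_URL. A forwarded host that
    fails the trust check never reaches the link; it is only recorded, because a
    mismatch on a password reset request is the signature of a poisoning attempt."""
    canonical = urlsplit(APP_URL)
    if not forwarded_host_is_trusted(headers, peer_ip):
        record_suspicious_host(peer_ip, first_forwarded_host(headers))
    return f"{canonical.scheme}://{canonical.netloc}/password/reset?{urlencode({'token': token})}"


SUSPICIOUS_HOSTS: list = []   # stand-in for a real audit log or alerting sink


def record_suspicious_host(peer_ip: str, forwarded: str) -> None:
    SUSPICIOUS_HOSTS.append((peer_ip, forwarded))
```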

Severity & Score

Severity: High
CVSS Score: 8.1
EPSS Score: 0.0% (probability of exploitation in the next 30 days)

Impact

Attackers can capture password reset tokens and fully take over victim accounts.

Mitigation

Upgrade to version 2.5.4 or later.

Social Media Activity (4 posts)

TheHackerWire (@thehackerwire)
Apr 21, 2026

🟠 CVE-2026-40905 - High (8.1) LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, a password reset poisoning vulnerability was identified in the application due to improper trust of user-controlled HTTP headers. The application uses the X-Forwarded-Host ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40905/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Details

CVE ID: CVE-2026-40905
Severity: High
CVSS Score: 8.1
Type: broken_authentication
Status: new
EPSS: 0.0%
Social Posts: 4

CWE

  • CWE-601

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

EPSS Score

0.0% (probability of exploitation in the next 30 days)