Sub2API · CVE-2026-27812
**Name of the Vulnerable Software and Affected Versions**
Sub2API versions prior to 0.1.85
**Description**
Sub2API is an AI API gateway platform for managing API quotas. A password reset poisoning issue exists because the application trusts the Host and Forwarded headers when building the password reset link. An attacker can inject a domain into the password reset link, potentially leading to account takeover via the affected endpoint.
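The root cause above is a reset-link origin derived from request headers. The following Go snippet is an added illustration, not Sub2API's own code: `buildResetLinkFromRequest` mirrors the vulnerable pattern (origin taken from a Forwarded-style header or Host), `buildResetLink` is the hardened form that takes the origin only from a configured `publicBaseURL`, and `linkOriginMatches` is the regression check a defender would add. All function names, the `/reset-password` path and the hostnames are constructed assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
)

// Vulnerable pattern (hypothetical, for contrast): the link's origin comes from
// headers an unauthenticated client controls, so whatever host the client sends
// ends up in the e-mailed reset link.
func buildResetLinkFromRequest(r *http.Request, token string) string {
	host := r.Host
	if fwd := r.Header.Get("X-Forwarded-Host"); fwd != "" {
		host = fwd // Forwarded / X-Forwarded-Host override Host
	}
	return fmt.Sprintf("https://%s/reset-password?token=%s", host, url.QueryEscape(token))
}

// Hardened form: the origin is a server-side configuration value, so no request
// header can influence where the reset token is sent. Only https origins with
// a non-empty host are accepted, failing closed on misconfiguration.
func buildResetLink(publicBaseURL, token string) (string, error) {
	base, err := url.Parse(publicBaseURL)
	if err != nil || base.Scheme != "https" || base.Host == "" {
		return "", fmt.Errorf("invalid public base URL %q", publicBaseURL)
	}
	base.Path = "/reset-password"
	base.RawQuery = url.Values{"token": {token}}.Encode()
	return base.String(), nil
}

// Regression check: a generated link must point at the configured origin,
// whatever the request headers were.
func linkOriginMatches(link, publicBaseURL string) bool {
	l, err1 := url.Parse(link)
	b, err2 := url.Parse(publicBaseURL)
	return err1 == nil && err2 == nil && l.Scheme == b.Scheme && l.Host == b.Host
}

func main() {
	const configured = "https://api.example.com" // constructed config value
	// Constructed request whose Host header is not the configured origin.
	r := &http.Request{Host: "untrusted.example", Header: http.Header{}}
	unsafe := buildResetLinkFromRequest(r, "t0k3n")
	fmt.Println(unsafe, linkOriginMatches(unsafe, configured))
	safe, _ := buildResetLink(configured, "t0k3n")
	fmt.Println(safe, linkOriginMatches(safe, configured))
}
```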
**Recommendations**
Upgrade to version 0.1.85 or later.
Disable the "forgot password" feature until an upgrade to a patched version can be performed.