[CRITICAL] Known affected by Account Takeover via Password Reset Token Leakage

PKSA-mcts-z5dp-tgk3 CVE-2026-26273 GHSA-78wq-6gcv-w28r

Affected version: <=1.6.2

Reported by:
GitHub