A vulnerability classified as critical has been found in Black Lantern Security BBOT up to 2.8.4 . The affected element is an unknown function of the component Response Header Handler . Performing a manipulation of the argument realm results in server-side request forgery. This vulnerability is reported as CVE-2026-12566 . The attack is possible to be carried out remotely. No exploit exists. To fix this issue, it is recommended to deploy a patch.