CVE-2025-40710 — Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such appl — CVE Database · The Intelligence Room