CVE update for 26.0.0.1

[clarkek123]

This issue is opened to update the CVE list for 26.0.0.1 to include the following:

|https://www.cve.org/CVERecord?id=CVE-2025-12635[CVE-2025-12635]
|5.4

|Cross-site scripting

|17.0.0.3-25.0.0.12
|26.0.0.1
|Affects the feature:servlet-3.1[], feature:servlet-4.0[], feature:servlet-5.0[] and feature:servlet-6.0[] features

[ramkumar-k-9286]

Hi Kristen @clarkek123

The suggested changes have been made.

Draft link: https://docs-draft-openlibertyio.mqj6zf7jocq.us-south.codeengine.appdomain.cloud/docs/latest/security-vulnerabilities.html

Please add the Developer Reviewed label if you are satisfied with the changes.

Regards,
Ramkumar

[clarkek123]

@ramkumar-k-9286 I have reviewed the draft and all links and it looks good. Adding "technical reviewed"