[MEDIUM] Dot-only cookie domains match all hosts

PKSA-93qv-9n9h-6k6p CVE-2026-55767 GHSA-cwxw-98qj-8qjx

Affected package: guzzlehttp/guzzle

Affected version: <7.12.1

Reported by:
GitHub, FriendsOfPHP/security-advisories