CNNVD-202601-4466 Information

CNNVD ID

CNNVD-202601-4466

Related CVE

CVE-2026-24398

• CNNVD Published: 2026-01-27

Description (Chinese)

Hono是Hono社区的一个用 TypeScript 编写的 Web 框架。 Hono 4.11.7之前版本存在安全漏洞，该漏洞源于IP限制中间件存在IP地址验证绕过，可能导致攻击者绕过基于IP的访问控制。

Description (English)

Hono is a web-based framework for the Hono community, developed by TypeScript. Prior to Hono 4.11.7, there was a security loophole, which stemmed from the IP limit intermediate with an IP address verification bypass, which could lead the attackers to circumvent IP-based access controls.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Hono

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/honojs/hono/security/advisories/GHSA-r354-f388-2fhh https://github.com/honojs/hono/commit/edbf6eea8e6c26a3937518d4ed91d8666edeec37 https://github.com/honojs/hono/releases/tag/v4.11.7 https://access.redhat.com/security/cve/cve-2026-24398

Patch

https://github.com/honojs/hono/releases