pkg:npm/@hono/node-server

4 total CVEsHIGH2MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2026-29087@hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware
    from 0, < 1.19.10
  • HIGH7.5CVE-2024-32652@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed
    >= 1.3.0, < 1.10.1
  • MEDIUM5.3CVE-2026-39406@hono/node-server: Middleware bypass via repeated slashes in serveStatic
    from 0, < 1.19.13
  • MEDIUM5.3CVE-2024-23340@hono/node-server cannot handle "double dots" in URL
    >= 1.3.0, < 1.4.1