Lucene search
K

hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR

🗓️ 16 Apr 2026 01:02:24Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 12 Views

Improper handling of JSX attribute names in hono/jsx SSR enables HTML injection and XSS from untrusted keys.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-56761
24 Jun 202611:53
attackerkb
Chainguard
CVE-2026-56761 vulnerabilities
25 Jun 202620:37
cgr
Circl
CVE-2026-56761
24 Jun 202614:11
circl
CVE
CVE-2026-56761
24 Jun 202611:53
cve
Cvelist
CVE-2026-56761 hono - HTML Injection via Improper JSX Attribute Name Handling in SSR
24 Jun 202611:53
cvelist
EUVD
EUVD-2026-38757
24 Jun 202611:53
euvd
NVD
CVE-2026-56761
24 Jun 202613:16
nvd
OSV
CGA-6CRF-CGJ2-8HQ7
25 Jun 202613:18
osv
OSV
GHSA-458J-XX4X-4375 hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR
16 Apr 202601:02
osv
Positive Technologies
PT-2026-51785
24 Jun 202600:00
ptsecurity
Rows per page
Vulners
Node
honohonoRange<4.12.14npm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

24 Jun 2026 13:10Current
5.7Medium risk
Vulners AI Score5.7
CVSS 3.14.3
CVSS 45.3
EPSS0.00174
SSVC
12