Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 12:18 p.m.8 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality (CVE-2026-24398, CVE-2026-24472, CVE-2026-24473, CVE-2026-24771)

Summary Node.js module Hono is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported...

6.5CVSS6.2AI score0.00457EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.5 views

CVE-2026-24398

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, IP Restriction Middleware in Hono is vulnerable to an IP address validation bypass. The IPV4REGEX pattern and convertIPv4ToBinary function in src/utils/ipaddr.ts do not properly validate...

6.5CVSS5.9AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 7:6 p.m.5 views

CVE-2026-24398 Hono's IPv4 address validation bypass in IP Restriction Middleware allows IP spoofing

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, IP Restriction Middleware in Hono is vulnerable to an IP address validation bypass. The IPV4REGEX pattern and convertIPv4ToBinary function in src/utils/ipaddr.ts do not properly validate...

4.8CVSS5.9AI score0.00315EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/01/27 7:1 p.m.4 views

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @agimon-ai/browse-tool (>=0.2.0 <=0.5.5) +156 more potentially affected by CVE-2026-24398 via hono (>=4.0.0 <=4.11.6)

hono NPM version =4.0.0, =0.1.8-fix.3, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.0.1, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =1.0.1-beta.0, =1.0.2, =4.0.0-alpha.28, =4.0.0-alpha.56 and more Source cves: CVE-2026-24398 Source advisory: SNYK:JS-HONO-15123483...

6.5CVSS5.7AI score0.00315EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/27 7:1 p.m.7 views

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +438 more potentially affected by CVE-2026-24398 via hono (>=0.5.10 <=4.11.6)

hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =0.0.1, =1.7.2, =1.7.1, =1.8.0 and more Source cves: CVE-2026-24398 Source advisory: OSV:GHSA-R354-F388-2FHH...

6.5CVSS5.7AI score0.00315EPSS
Exploits0
Rows per page
Query Builder