Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/05/13 3:1 p.m.63 views

CVE-2026-44458 Hono: CSS Declaration Injection via Style Object Values in JSX SSR

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into t...

4.3CVSS0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 3:1 p.m.10 views

CVE-2026-44458 Hono: CSS Declaration Injection via Style Object Values in JSX SSR

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into t...

4.3CVSS5.9AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 3:1 p.m.3 views

CVE-2026-44458 Hono: CSS Declaration Injection via Style Object Values in JSX SSR

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into t...

4.3CVSS6.1AI score0.00197EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/05/09 12:46 a.m.11 views

NPM: Hono has CSS Declaration Injection via Style Object Values in JSX SSR

NPM: Hono has CSS Declaration Injection via Style Object Values in JSX SSR vulnerability discovered by ? in WordPress Npm hono versions 4.12.18...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder