Insufficient Verification of Data Authenticity

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the Body Limit Middleware. An attacker can cause the application to process payloads larger than the configured maximum by understating t...

NPM: hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice

NPM: hono: AWS Lambda adapter merges multiple Set-Cookie headers into one value, dropping cookies on ALB single-header and Lattice vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

MAL-2026-4682 Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d8f3ef8e6fa016bfc17617ebcedce012c6cce870d89564965a476c3ec8da1c The tarball contains live, importable credentials for systems other than the installer's own. src/controllers/internalTrax.controller.js hardcodes...

aws-lambda operating system command injection vulnerability

AWS-Lambda is a computing service that runs code without pre-configured or managed servers. An operating system command injection vulnerability exists in versions of aws-lambda prior to 1.0.5, which stems from a program that fails to perform any cleanup operations before using config.FunctioName ...

ah-airbrake-plugin (=0.0.2), aws_lambda_app (>=1.0.1 <=2.0.1) +11 more potentially affected by CVE-2016-10530 via airbrake (>=0.2.9 <=0.3.8)

airbrake NPM version =0.2.9, =1.0.1, =0.0.1, =4.0.0, =0.1.6, =0.2.0, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =1.0.1 Source cves: CVE-2016-10530 Source advisory: OSV:GHSA-856X-CP3Q-47VG...