Lucene search
K

5 matches found

CVE
CVE
added 6 days ago9 views

CVE-2026-59896

Hono/jsx in the Hono web framework exposes a cross-request data disclosure during server-side rendering. From version 4.11.8 up to, but not including, 4.12.27, context values created via createContext, useContext, jsxRenderer, or useRequestContext were not isolated per request and could be reused...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42326

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56506

Name of the Vulnerable Software and Affected Versions Hono versions 4.11.8 through 4.12.26 Description During server-side rendering, the hono/jsx module fails to isolate context values on a per-request basis. This allows data from a different in-flight request to be accessed after an await...

6.5CVSS6.1AI score0.00191EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/04/07 1:7 p.m.3 views

CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

6.1AI score0.00328EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/20 6:58 p.m.11 views

Turbo Frame responses can restore stale session cookies

Summary A race condition in Turbo Frames allows delayed HTTP responses to restore stale session cookies after session-modifying operations. Details Browsers automatically process Set-Cookie headers from HTTP responses. When a Turbo Frame request is in-flight during a session-modifying action such...

4.8CVSS5.6AI score0.00242EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder