Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Summary When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For header. Because AWS ALB appends the real client IP address to the end of the X-Forwarded-For header, the first...

User Impersonation

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to User Impersonation via the getConnInfo function in the adapter/aws-lambda/conninfo.ts‎ file. An attacker can gain unauthorized access to resources protected by IP-based access controls by...

EUVD-2026-8644

Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo...

GHSA-XH87-MX6M-69F3 Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Summary When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For header. Because AWS ALB appends the real client IP address to the end of the X-Forwarded-For header, the first...

CVE-2026-27700

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

CVE-2026-27700

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

CVE-2026-27700 Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

Hono 数据伪造问题漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions 4.12.0 and 4.12.1 of Hono contain a data manipulation vulnerability. This vulnerability arises from the use of the AWS Lambda adapter after an application load balancer. In this context, the getConnInfo function...

PT-2026-21921

Name of the Vulnerable Software and Affected Versions Hono versions 4.12.0 through 4.12.1 Description Hono is a Web application framework that provides support for any JavaScript runtime. When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo...

Malicious Package

Overview client-lambda is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

avalanche-config-installer (>=0.2.36 <=0.2.43), avalanche-installer (>=0.0.18 <=0.0.32) +39 more potentially affected by unknown CVE via aws-sdk-s3 (>=0.0.26-alpha <=0.9.0)

aws-sdk-s3 CARGO version =0.0.26-alpha, =0.2.36, =0.0.18, =0.0.42, =0.0.5, =0.0.24, =0.0.1, =0.0.0, =0.0.46, =0.1.7, =0.4.0, =0.4.0, =0.1.1, =0.1.0, =0.8.0, =0.8.0, =0.12.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

cargo-lambda (>=0.11.0 <=0.12.0), cargo-lambda-deploy (>=0.11.0 <=0.12.0) +1 more potentially affected by unknown CVE via aws-sdk-iam (>=0.14.0 <=0.17.0)

aws-sdk-iam CARGO version =0.14.0, =0.11.0, =0.11.0, =0.12.0 - vaultrs-login =0.1.7 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

aws-sg-cleanup (>=0.1.0 <=0.1.3), cargo-lambda (>=0.7.0 <=0.12.0) +5 more potentially affected by unknown CVE via aws-sdk-lambda (>=0.10.1 <=0.9.0)

aws-sdk-lambda CARGO version =0.10.1, =0.1.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =1.3.0, =1.7.3 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

Malicious code in create-react-app-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dce198bea6270ee06edafb853bcde3e517778beca89073512ee6d6cf1da2304 The package create-react-app-lambda was found to contain malicious code. Source: ghsa-malware...

MAL-2026-132 Malicious code in create-react-app-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dce198bea6270ee06edafb853bcde3e517778beca89073512ee6d6cf1da2304 The package create-react-app-lambda was found to contain malicious code. Source: ghsa-malware...

📄 Keras 2.15 Insecure Deserialization

Keras version 2.15 insecure deserialization proof of concept exploit. A security issue in certain versions of Keras allows attackers to craft a malicious model file typically a .keras or HDF5-based model containing unsafe serialization primitives. When such a model is loaded, the deserialization...

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

An ongoing campaign has been observed targeting Amazon Web Services AWS customers using compromised Identity and Access Management IAM credentials to enable cryptocurrency mining. The activity, first detected by Amazon's GuardDuty managed threat detection service and its automated security...

ca.weblite:teavm-lambda-demo-auth (>=0.1.5 <=0.1.6), ca.weblite:teavm-lambda-demo-features (>=0.1.5 <=0.1.6) +220 more potentially affected by CVE-2025-66453 via org.mozilla:rhino (=1.7.15)

org.mozilla:rhino MAVEN version =1.7.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.mozilla:rhino and may be impacted: - ca.weblite:teavm-lambda-demo-auth =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.5, =0.1.1, =0.1.1, =0.1.4, =1.9.0, =2.43.0,...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=4.0.2 <=5.0.6) +77 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=6.0.0 <=6.7.4)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =4.0.2, =4.0.2, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2025-64775 Source advisory: SNYK:JAVA-ORG...

EUVD-2025-179722

Malicious code in class-kernel-lambda-void-try npm...