GHSA-HM8Q-7F3Q-5F36 Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()
Summary Improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not exploitable by an anonymous attacker; it only manifests when a malformed claim value reaches...