Lucene search
+L

4 matches found

NVD
NVD
added 2026/05/13 4:16 p.m.53 views

CVE-2026-44457

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be...

5.3CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 2:58 p.m.69 views

CVE-2026-44457 Hono: Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be...

5.3CVSS0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:58 p.m.10 views

CVE-2026-44457

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/09 12:28 a.m.47 views

GHSA-P77W-8QQV-26RM Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage

Summary Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticated user may be served to subsequent requests from different users. Details The Cache Middleware skips caching when...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References3
Rows per page
Query Builder