Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5093 matches found

RedhatCVE
RedhatCVEadded last week5 views

CVE-2026-47675

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite an...

5.3CVSS5.4AI score0.00125EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/04 5:59 p.m.9 views

EUVD-2026-32925

Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References4
OSV
OSVadded 2026/06/04 5:59 p.m.4 views

GHSA-3HRH-PFW6-9M5X Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

4.3CVSS5.8AI score0.00125EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/06/04 5:59 p.m.8 views

Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.7 views

PT-2026-46844

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, r, , but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2026/05/29 1:16 a.m.12 views

SUSE CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

5.8AI score0.00019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clea...

5.5CVSS5.5AI score0.00019EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 9:11 p.m.8 views

CVE-2026-46153

A flaw was found in the Linux kernel's 8021q VLAN module. This vulnerability occurs because cleared egress Quality of Service QoS mappings are not properly deleted, leading to an accumulation of mapping nodes. An attacker could repeatedly set and clear egress priority mappings, causing a memory...

5.5CVSS5.8AI score0.00019EPSS
Exploits0References4
NVD
NVDadded 2026/05/28 5:16 p.m.9 views

CVE-2026-47675

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite an...

5.3CVSS0.00125EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/28 3:28 p.m.7 views

CVE-2026-47675 Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite an...

4.3CVSS5.8AI score0.00125EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/28 3:28 p.m.27 views

CVE-2026-47675 Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite an...

4.3CVSS0.00125EPSS
Exploits0References1
CVE
CVEadded 2026/05/28 3:28 p.m.31 views

CVE-2026-47675

Summary: Hono prior to 4.12.21 has a vulnerability in the serialize() function of hono/cookie where domain and path options are validated to prevent Set-Cookie header corruption, but sameSite and priority are not validated. This can allow user-controlled input to inject attacker-chosen attributes...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2026/05/28 10:16 a.m.7 views

CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

5.5CVSS0.00019EPSS
Exploits0References2
OSV
OSVadded 2026/05/28 10:16 a.m.4 views

UBUNTU-CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

5.5CVSS5.7AI score0.00019EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:36 a.m.6 views

CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

5.8AI score0.00019EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/05/28 9:36 a.m.29 views

CVE-2026-46153 8021q: delete cleared egress QoS mappings

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

0.00019EPSS
Exploits0References2
CVE
CVEadded 2026/05/28 9:36 a.m.22 views

CVE-2026-46153

CVE-2026-46153 affects the Linux kernel 8021q VLAN code. The vulnerability arises because vlan_dev_set_egress_priority() kept cleared egress priority mappings as tombstones in a hash, allowing repeated set/clear cycles with different skb priorities to accumulate nodes and cause memory leakage. Th...

5.5CVSS5.8AI score0.00019EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploitadded 2026/05/28 6:40 a.m.60 views

claude-security-scanner

🇨🇳 ⚡ bash git clone https://github.com/290298661...

5.8AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.9 views

PT-2026-44415

Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.21 Description The serialize function in hono/cookie fails to validate the sameSite and priority options against characters that can corrupt Set-Cookie header syntax, such as semicolons, carriage returns, and line...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References7
CNNVD
CNNVDadded 2026/05/28 12:0 a.m.6 views

Hono 安全漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions of Hono prior to 4.12.21 contained security vulnerabilities. These vulnerabilities stemmed from the serialize function not verifying the sameSite and priority options. This could allow the application to pass...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References1
Rows per page
Query Builder