CVE-2026-29087 @hono/node-server: Authorization bypass for protected static paths via encoded slashes in Serve Static Middleware

@hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections e.g. protecting /admin/, inconsistent URL decoding can allow protected static resources to be accessed...

CVE-2026-29087 @hono/node-server: Authorization bypass for protected static paths via encoded slashes in Serve Static Middleware

@hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections e.g. protecting /admin/, inconsistent URL decoding can allow protected static resources to be accessed...

Huawei HedEx Lite 200R006C00SPC005 - Path Traversal Vulnerability

Exploit Title: Huawei HedEx Lite 200R006C00SPC005 - Path Traversal Vendor Homepage: https://www.huawei.com/ Software Link: https://support.huawei.com/carrier/docview!docview?nid=SCL1000005027&path=PAN-ET/PAN-T/PAN-T-HedEx Version: 200R006C00SPC005 Product & Service Introduction:...

Blynk blynk-server path traversal vulnerability

Blynk is an application for controlling Arduino and Raspberry Pi. blynk-server is one of the server components. A directory traversal vulnerability exists in blynk-server in versions of Blynk prior to 0.39.7. An attacker can exploit this vulnerability with a URL with '... /' and the URL starts wi...