CVE-2026-24771

by Fred · 27/01/2026

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, a Cross-Site Scripting (XSS) vulnerability exists in the `ErrorBoundary` component of the hono/jsx library. Under certain usage patterns, untrusted user-controlled strings may be rendered as raw HTML, allowing arbitrary script execution in the victim’s browser. Version 4.11.7 patches the issue.

More information : https://github.com/honojs/hono/commit/2cf60046d730df9fd0aba85178f3ecfe8212d990

CVE-2026-24771

Similar

Recent Posts

Categories

CVE-2026-24771

Share this:

Similar

Recent Posts

Categories

Tags