CVE-2026-27700 | honojs hono up to 4.12.1 getConnInfo X-Forwarded-For data authenticity (GHSA-xh87-mx6m-69f3)

A vulnerability classified as critical has been found in honojs hono up to 4.12.1. Affected by this vulnerability is the function getConnInfo. Performing a manipulation of the argument X-Forwarded-For results in insufficient verification of data authenticity.

This vulnerability is reported as CVE-2026-27700. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More