CVE-2026-22817 | honojs hono up to 4.11.3 JWK/JWKS alg signature verification (GHSA-f67f-6cw9-8mq4)

A vulnerability was found in honojs hono up to 4.11.3 and classified as critical. Affected by this issue is some unknown functionality of the component JWK/JWKS. Such manipulation of the argument alg leads to improper verification of cryptographic signature.

This vulnerability is documented as CVE-2026-22817. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More