CVE-2026-44456
medium
CVSS v3
6.5
CVSS v2
—
VIR risk
6.5
Description
Hono: bodyLimit() can be bypassed for chunked / unknown-length requests
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: security-advisories@github.com — https://github.com/honojs/hono/security/advisories/GHSA-9vqf-7f2p-gf9v
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| hono | hono | {"endExcluding":"4.12.16"} | 4.12.16 |
References
CWEs
CWE-400
Verify integrity in audit chain (admin only). AS-IS.