GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Hono Vulnerable to Cookie Attribute Injection via Unsanitized domain and path in setCookie()
Moderate
CVE-2026-29086
was published
for
hono
(npm)
Mar 4, 2026
Hono missing validation of cookie name on write path in setCookie()
Moderate
GHSA-26pp-8wgv-hjvm
was published
for
hono
(npm)
Apr 8, 2026
Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
Critical
CVE-2026-40175
was published
for
axios
(npm)
Apr 10, 2026
ProTip!
Advisories are also available from the
GraphQL API