Threats Tagged 'cve-2026-29087'
View all threats tagged with 'cve-2026-29087'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-29087'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-29087: CWE-863: Incorrect Authorization in honojs node-serverCVE-2026-29087 0 @hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections (e.g. protecting /admin/*), inconsistent URL decoding can allow protected static resources to be accessed without authorization. In particular, paths containing encoded slashes (%2F) may be evaluated differently by routing/middleware matching versus static file path resolution, enabling a bypass where middleware does not run but the static file is still served. This issue has been patched in version 1.19.10. Join the discussion | CVE Database V5 | 03/06/2026, 17:03:30 UTC Added: 03/06/2026, 17:31:05 UTC |
Showing 1 to 1 of 1 result