Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-7xab-d7wk-83c5
Vulnerability ID VCID-7xab-d7wk-83c5
Aliases CVE-2026-44459
GHSA-hm8q-7f3q-5f36
Summary
Status Published
Exploitability 0.5
Weighted Severity 3.4
Risk 1.7
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1284 Improper Validation of Specified Quantity in Input
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00021 https://api.first.org/data/v1/epss?cve=CVE-2026-44459
epss 0.00021 https://api.first.org/data/v1/epss?cve=CVE-2026-44459
epss 0.00021 https://api.first.org/data/v1/epss?cve=CVE-2026-44459
epss 0.00023 https://api.first.org/data/v1/epss?cve=CVE-2026-44459
cvssv3.1_qr LOW https://github.com/advisories/GHSA-hm8q-7f3q-5f36
cvssv3.1 3.8 https://github.com/honojs/hono
generic_textual LOW https://github.com/honojs/hono
cvssv3.1 3.8 https://github.com/honojs/hono/security/advisories/GHSA-hm8q-7f3q-5f36
cvssv3.1_qr LOW https://github.com/honojs/hono/security/advisories/GHSA-hm8q-7f3q-5f36
generic_textual LOW https://github.com/honojs/hono/security/advisories/GHSA-hm8q-7f3q-5f36
cvssv3.1 3.8 https://nvd.nist.gov/vuln/detail/CVE-2026-44459
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2026-44459
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-44459
https://github.com/honojs/hono
https://github.com/honojs/hono/security/advisories/GHSA-hm8q-7f3q-5f36
https://nvd.nist.gov/vuln/detail/CVE-2026-44459
GHSA-hm8q-7f3q-5f36 https://github.com/advisories/GHSA-hm8q-7f3q-5f36
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/honojs/hono
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/honojs/hono/security/advisories/GHSA-hm8q-7f3q-5f36
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2026-44459
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.0606
EPSS Score 0.00021
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T02:46:37.515297+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0