Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
2Blast Radius
ecosystem impact- 8 npm packages depend on hono (8 direct, 0 indirect)
Ecosystem-wide dependent count for version 4.12.21.
DescriptionGitHub Advisory
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the ip-restriction middleware (hono/ip-restriction) compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6 representations of an address already listed in a static rule - such as compressed forms, explicit-zero forms, or hex-notation IPv4-mapped addresses - do not match the normalized rule entry, causing the rule to be silently skipped. This vulnerability is fixed in 4.12.21.
AnalysisAI
IP restriction bypass in Hono's ip-restriction middleware (hono/ip-restriction) prior to version 4.12.21 allows unauthenticated remote attackers to circumvent configured deny and allow rules by submitting non-canonical IPv6 representations of restricted addresses. String equality comparison applied after only partial normalization means that compressed, explicit-zero, or hex-notation IPv4-mapped IPv6 forms of a listed address silently fail to match the normalized rule entry, causing enforcement to be skipped entirely. No public exploit has been identified at time of analysis, but the bypass requires only trivial reformatting of a standard IPv6 address, making it practically low-effort for any attacker aware of the flaw.
Technical ContextAI
Hono is a lightweight Web application framework supporting all major JavaScript runtimes including Cloudflare Workers, Deno, Bun, and Node.js. Its hono/ip-restriction middleware evaluates incoming client IP addresses against configured allow/deny rule sets using string equality after partial normalization. IPv6 has numerous canonically equivalent representations: compressed forms (e.g., ::1 vs 0:0:0:0:0:0:0:1), explicit-zero forms, and IPv4-mapped addresses in hex notation (e.g., ::ffff:c0a8:0101 vs ::ffff:192.168.1.1). Because the middleware's normalization was incomplete, these alternate forms did not match normalized rule entries stored internally, creating a systematic bypass class. CWE-185 (Incorrect Regular Expression) broadly covers flawed pattern or string-matching logic; in this case the root cause is that the comparison logic lacked a full canonicalization step over the IPv6 address space before comparison. The affected CPE is cpe:2.3:a:honojs:hono:*:*:*:*:*:*:*:* covering all Hono versions prior to 4.12.21.
RemediationAI
Upgrade Hono to version 4.12.21 or later, which resolves the incomplete IPv6 normalization in the ip-restriction middleware; this is the vendor-released patch confirmed by the GitHub security advisory at https://github.com/honojs/hono/security/advisories/GHSA-xrhx-7g5j-rcj5. If an immediate upgrade is not feasible, implement IP restriction at the infrastructure layer - such as a reverse proxy (nginx, Caddy), CDN edge rules, or host-based firewall - rather than relying solely on the application-level middleware, as infrastructure-layer controls typically perform full canonicalization and eliminate the normalization gap entirely. As a partial interim measure, ensure all configured deny and allow rule entries use fully expanded canonical IPv6 notation, which reduces (but does not eliminate) the attack surface since the application still does not normalize incoming addresses before comparison. Do not treat the application-level hono/ip-restriction middleware as a reliable security boundary in isolation until the upgrade to 4.12.21 is applied.
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and
An authenticated path traversal vulnerability in Langflow's file upload functionality allows attackers to write arbitrar
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitra
An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTT
Arbitrary file read in Langroid's SQLChatAgent (<= 0.63.0) lets an attacker who can influence the LLM-generated SQL exfi
An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. Rated high severity (CVSS 7.5), this vulner
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' byte
Resource exhaustion in OpenTelemetry Go propagation library (v1.41.0 and earlier) enables remote attackers to trigger se
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert char
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "ca
Timestamp forgery in sigstore-js allows an attacker supplying a crafted bundle v0.2 to manipulate certificate validity w
Same weakness CWE-185 – Incorrect Regular Expression
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32926
GHSA-xrhx-7g5j-rcj5