A vulnerability categorized as problematic has been discovered in honojs hono up to 4.12.24 . This issue affects some unknown processing of the component Authenticated Endpoint . Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. This vulnerability is tracked as CVE-2026-54290 . The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.