A vulnerability was found in Hono up to 4.12.11 . It has been declared as problematic . The impacted element is the function setCookie of the component Cookie Header Handler . Such manipulation leads to http response splitting. This vulnerability is documented as CVE-2026-56762 . The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.