
[Aikido] Fix 1 critical issue in @clerk/nextjs and 36 other issues#224

Merged: Jackson57279 merged 1 commit into master from fix/aikido-security-update-packages-28682249-hjvf on Apr 30, 2026

Conversation

@aikido-autofix (Contributor) commented:

Upgrade dependencies to fix critical security vulnerabilities: Axios proxy bypass/SSRF, Hono middleware authorization bypass, Clerk authentication middleware bypass, and other RCE/DoS issues.

✅ 37 CVEs resolved by this upgrade, including 3 critical 🚨 CVEs

This PR will resolve the following CVEs:

| Issue | Severity | Description |
| --- | --- | --- |
| CVE-2025-62718 | 🚨 CRITICAL | [axios] Improper hostname normalization in NO_PROXY rule checking allows requests to loopback addresses (localhost., [::1]) to bypass proxy protections, enabling proxy bypass and potential SSRF attacks against internal services. This vulnerability permits attackers to reach sensitive services despite configured NO_PROXY protections. |
| CVE-2026-40175 | HIGH | [axios] A prototype pollution vulnerability in Axios can be exploited through gadget chains to escalate into Remote Code Execution (RCE) or bypass AWS IMDSv2 for cloud compromise. This affects any third-party dependencies using the library. |
| CVE-2026-25639 | HIGH | [axios] The mergeConfig function crashes with a TypeError when processing configuration objects containing `__proto__` as an own property, allowing attackers to trigger denial of service. An attacker can exploit this by providing a malicious configuration object created via JSON.parse(). |
| AIKIDO-2026-10509 | MEDIUM | [axios] Prototype pollution vulnerability allows attackers to inject malicious headers into requests through unsafe FormData detection and header merging, potentially enabling authorization bypass or request manipulation. |
| CVE-2026-29045 | 🚨 CRITICAL | [hono] URL decoding inconsistency between router and serveStatic allows bypassing route-based middleware protections via encoded slashes (%2F), enabling unauthorized access to protected static resources. This vulnerability permits attackers to circumvent authorization checks through path manipulation. |
| CVE-2026-27700 | HIGH | [hono] IP-based access control bypass in AWS Lambda adapter when behind Application Load Balancer due to incorrect X-Forwarded-For header parsing, allowing attackers to spoof their IP address and bypass IP restriction middleware. |
| CVE-2026-39408 | HIGH | [hono] Path traversal vulnerability in toSSG() allows attackers to write files outside the configured output directory during static site generation using specially crafted dynamic route parameters. This enables arbitrary file write attacks that could compromise system integrity. |
| CVE-2026-29085 | MEDIUM | [hono] Improper input validation in streamSSE() allows injection of arbitrary SSE fields through unvalidated carriage return and newline characters in event, id, and retry fields, enabling protocol manipulation and potential information disclosure or DoS attacks. |
| CVE-2026-29086 | MEDIUM | [hono] The setCookie() utility fails to validate semicolons, carriage returns, and newlines in domain and path options, allowing attackers to inject additional cookie attributes through untrusted input. This could lead to cookie manipulation and potential security bypasses. |
| CVE-2026-39407 | MEDIUM | [hono] Path handling inconsistency in serveStatic allows bypassing route-based authorization middleware by using repeated slashes (//) in request paths, enabling unauthorized access to protected static files. |
| CVE-2026-39409 | MEDIUM | [hono] The ipRestriction() middleware fails to canonicalize IPv4-mapped IPv6 addresses before applying IPv4 allow/deny rules, allowing attackers to bypass IP-based access controls in dual-stack environments. |
| GHSA-26pp-8wgv-hjvm | MEDIUM | [hono] Cookie names are not validated in setCookie(), serialize(), or serializeSigned(), allowing invalid characters that can cause malformed Set-Cookie headers and runtime errors when processing untrusted cookie names. |
| CVE-2026-39410 | MEDIUM | [hono] A discrepancy between browser cookie parsing and parse() handling allows cookie prefix protections to be bypassed, enabling attacker-controlled cookies to override legitimate ones through key normalization. |
| GHSA-v8w9-8mx6-g223 | MEDIUM | [hono] Prototype pollution vulnerability in parseBody({ dot: true }) where specially crafted form field names like `__proto__.x` create objects with `__proto__` properties, potentially enabling prototype pollution if merged unsafely into other objects. |
| GHSA-458j-xx4x-4375 | MEDIUM | [hono] Improper validation of JSX attribute names allows malformed keys to inject unintended HTML attributes or elements during server-side rendering, potentially leading to XSS attacks when untrusted input is used as attribute keys. |
| AIKIDO-2026-10336 | LOW | [hono] Accept header parsing uses a vulnerable regex that causes catastrophic backtracking when processing crafted headers with many segments, enabling denial of service attacks through CPU exhaustion. |
| GHSA-vqx2-fgx2-5wq9 | 🚨 CRITICAL | [@clerk/nextjs] createRouteMatcher can be bypassed by crafted requests, allowing attackers to skip middleware gating and reach protected downstream handlers. Sessions remain secure and user impersonation is not possible, but unprotected route handlers may be accessed. |
| CVE-2026-29087 | HIGH | [@hono/node-server] Inconsistent URL decoding in static file serving allows bypassing route-based middleware protections through encoded slashes (%2F), enabling unauthorized access to protected resources. This is an authorization bypass vulnerability affecting static file access controls. |
| CVE-2026-39406 | MEDIUM | [@hono/node-server] Path handling inconsistency in serveStatic allows bypassing route-based authorization middleware by using repeated slashes (//), enabling access to protected static files. This vulnerability permits middleware bypass and unauthorized file access. |
| CVE-2026-30827 | HIGH | [express-rate-limit] The default keyGenerator incorrectly applies IPv6 subnet masking to IPv4-mapped IPv6 addresses, collapsing all IPv4 traffic into a single rate-limit bucket. This causes one client exhausting the limit to trigger HTTP 429 errors for all other IPv4 clients (DoS). |
| GHSA-q4gf-8mx6-v5v3 | HIGH | [next] A specially crafted HTTP request to App Router Server Function endpoints can trigger excessive CPU usage during deserialization, causing denial of service (DoS). |
| CVE-2026-4926 | HIGH | [path-to-regexp] A bad regular expression is generated for multiple sequential optional groups, causing exponential regex growth that leads to denial of service. Attackers can exploit this by crafting malicious route patterns with many optional groups to consume excessive resources. |
| CVE-2026-4923 | LOW | [path-to-regexp] Multiple wildcards combined with parameters can generate a regular expression vulnerable to ReDoS (Regular Expression Denial of Service), causing excessive backtracking and potential denial of service when the second wildcard is not at the path end. |
| CVE-2026-32887 | HIGH | [effect] A vulnerability in RpcServer.toWebHandler and HttpApp.toWebHandlerRuntime allows AsyncLocalStorage-dependent APIs to leak context between concurrent requests, potentially exposing another user's session data or authentication information in Next.js applications. |
| GHSA-r4q5-vmmm-2653 | MEDIUM | [follow-redirects] Custom authentication headers (e.g., X-API-Key, X-Auth-Token) are leaked to redirect targets on cross-domain redirects because only standard headers are stripped. This enables attackers to capture sensitive credentials through malicious redirects. |
| AIKIDO-2026-10451 | MEDIUM | [csv-parse] A prototype pollution vulnerability exists when processing user-controlled column or header names, allowing attackers to inject properties into Object.prototype through crafted CSV input, affecting all subsequently created objects. |
| GHSA-w5hq-g745-h8pq | MEDIUM | [uuid] v3, v5, and v6 UUID functions silently perform partial writes when provided with out-of-range buffer offsets, unlike v4/v1/v7 which properly throw RangeError, potentially producing malformed identifiers without error. |
| AIKIDO-2026-10664 | MEDIUM | [inngest] Improper URL encoding of path segments in API client URLs allows attackers to inject reserved characters, enabling unintended routing and path traversal attacks. |
| AIKIDO-2026-10665 | MEDIUM | [inngest] The OTel exporter transmits raw signing keys in Authorization Bearer headers instead of hashed versions, exposing credentials to disclosure through logs, proxies, and intermediaries with access to request headers. |
| AIKIDO-2026-10657 | LOW | [inngest] Weak HMAC signature verification using non-constant-time comparison allows attackers to forge valid signatures through timing attacks. Insufficient timestamp validation enables bypass of signature expiry checks. |
| CVE-2025-13465 | MEDIUM | [lodash] A prototype pollution vulnerability in _.unset and _.omit functions allows attackers to delete methods from global prototypes via crafted paths. While this prevents property overwriting, it can cause denial of service by removing critical functionality. |
| CVE-2026-2950 | MEDIUM | [lodash] Prototype pollution vulnerability in _.unset and _.omit functions allows attackers to bypass previous fixes using array-wrapped path segments, enabling deletion of properties from built-in prototypes. While this doesn't allow overwriting prototype behavior, it can cause denial of service or unexpected application behavior. |
| CVE-2026-33672 | MEDIUM | [picomatch] A method injection vulnerability in POSIX bracket expressions allows specially crafted patterns to reference inherited methods, causing incorrect glob matching behavior that could bypass security-relevant filtering or validation logic. This integrity issue affects applications relying on glob patterns for access control. |
| CVE-2026-33671 | LOW | [picomatch] Regular Expression Denial of Service (ReDoS) vulnerability in extglob pattern processing causes catastrophic backtracking on crafted patterns, allowing attackers to consume excessive CPU and block the event loop when untrusted glob patterns are compiled or matched. |
| CVE-2026-33532 | MEDIUM | [yaml] A stack overflow vulnerability in the YAML parser's node resolution phase allows attackers to trigger a RangeError via deeply nested YAML structures (~2-10 KB), potentially causing denial of service or process termination in applications that don't catch non-YAMLParseError exceptions. |
| AIKIDO-2026-10477 | LOW | [brace-expansion] A denial-of-service vulnerability allows attackers to craft malicious brace patterns with repeated numeric ranges that cause exponential expansion, consuming excessive CPU and memory until process failure. The fix introduces an optional maximum limit parameter to bound expansion work. |
| AIKIDO-2026-10269 | LOW | [ai] An unbounded download vulnerability allows adversaries to exhaust system resources through large or uncontrolled downloads, causing denial-of-service by crashing or hanging applications. The SDK lacks proper size limits on downloads, leading to excessive memory or CPU consumption. |

@vidoc-ai-security-engineer (Bot) commented Apr 30, 2026:

Vidoc Security Report

Great! No high-severity issues detected.

Details:

    {
      "scanId": "019de058-f20e-77c8-a40f-d371b3930516",
      "codebaseId": "019d74e8-a953-70b7-a19d-914ab632ae39",
      "installationId": "019d74e8-a4a8-772f-bdb7-b896739e2b23",
      "internalPullRequestId": "019de058-f1f8-73af-8ab4-27c2dc1273a1"
    }

@Jackson57279 Jackson57279 merged commit 81742de into master Apr 30, 2026
4 of 7 checks passed
@Jackson57279 Jackson57279 deleted the fix/aikido-security-update-packages-28682249-hjvf branch April 30, 2026 21:43