Known Vulnerabilities for Vite by Vitejs
Listed below are 7 of the newest known vulnerabilities associated with "Vite" by "Vitejs".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56301 json | Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server (nuxt dev) on Linux, binds the vite-nod... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-53633 json | Vitest is a testing framework powered by Vite. From 3.0.0 until 3.2.5, 4.1.8, and 5.0.0-beta.4, Vitest Browser Mode exposed a... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-53571 json | Vite is a frontend tooling framework for JavaScript. Prior to 8.0.16, 7.3.5, and 6.4.3, the contents of files that are specif... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-47429 json | Vitest is a testing framework powered by Vite. Prior to 3.2.5 and 4.1.0, the Vitest UI/API server on Windows used isFileServi... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-47428 json | Vitest is a testing framework powered by Vite. From 4.0.17 until 4.1.6 and 5.0.0-beta.3, Vitest Browser Mode served /__vitest... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-41211 json | Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloadPackageManager()` accepts... | Not Provided | 2026-04-23 | 2026-04-23 |
| CVE-2026-39365 json | Not Provided | 2026-04-07 | 2026-04-30 | |
| CVE-2026-39364 json | Vite is a frontend tooling framework for JavaScript. From 7.1.0 to before 7.3.2 and 8.0.5, on the Vite dev server, files that... | Not Provided | 2026-04-07 | 2026-06-30 |
| CVE-2026-39363 json | Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, if it is possible to conne... | Not Provided | 2026-04-07 | 2026-06-30 |
| CVE-2025-32642 json | Cross-Site Request Forgery (CSRF) vulnerability in appsbd Vite Coupon vite-coupon allows Remote Code Inclusion.This issue aff... | Not Provided | 2025-04-09 | 2026-04-23 |