CVE lookup
CVE-2025-30208
Pruva has a verified reproduction for CVE-2025-30208: Vite dev server access control can be bypassed using crafted query strings, allowing arbitrary file reads via the @fs handler when the dev server is exposed to the network.. The canonical evidence record is REPRO-2026-00195.
REPRO
REPRO-2026-00195
Package
vite · npm
Severity
MEDIUM
Status
published