@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1214 more potentially affected by CVE-2026-39363 via vite (>=8.0.0 <=8.0.3)

vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39363 Source advisory: SNYK:JS-VITE-15922242...

EUVD-2025-123789

Malicious code in phenomic-eleventy-dynamo-mini-css-extract-plugin npm...