CVE-2026-39365

A flaw was found in Vite. The development server's handling of .map requests contains a path traversal vulnerability. A remote attacker can exploit this by sending a specially crafted request with directory traversal sequences ../ to bypass security restrictions. This allows the attacker to...

Vite 路径遍历漏洞

Vite is a new type of front-end build tool developed by Vite itself. Versions of Vite from 6.0.0 to 6.4.2, before 7.3.2, and before 8.0.5 contained a path traversal vulnerability. This vulnerability stemmed from insufficient path traversal restrictions on .map requests, which could allow bypassin...