VulnCheck KEV: CVE-2025-24963

Vitest is a testing framework powered by Vite. The screenshot-error handler on the browser mode HTTP server that responds any file on the file system. Especially if the server is exposed on the network by browser.api.host: true, an attacker can send a request to that handler from remote to get th...

Vitest 路径遍历漏洞

Vitest is a Vite-powered next-generation testing framework open-sourced by Vitest. Vitest has a path traversal vulnerability that originates from a screenshot-error handler on a browser-mode HTTP server that responds to any file on the filesystem...

PT-2025-5607

Name of the Vulnerable Software and Affected Versions: Vitest versions prior to 2.1.9 Vitest versions prior to 3.0.4 Description: The screenshot-error handler on the browser mode HTTP server responds to any file on the file system. If the server is exposed on the network by browser.api.host: true...

CVE-2021-0477

In notifyScreenshotError of ScreenshotNotificationsController.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...