Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в firefox

The sourceMapURL feature in devtools lacked security checks, which would have prevented a webpage from attempting to include local files or other files that should be inaccessible. This vulnerability affects Firefox versions earlier than 99...

6.5CVSS6.8AI score0.00323EPSS
Exploits1References1
NVD
NVDadded 2025/12/16 7:16 p.m.4 views

CVE-2025-68155

@vitejs/plugin-rs provides React Server Components RSC support for Vite. Prior to version 0.5.8, the /viterscfindSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sendi...

7.5CVSS0.0118EPSS
Exploits0References4
CVE
CVEadded 2025/12/16 6:20 p.m.15 views

CVE-2025-68155

The CVE concerns @vitejs/plugin-rsc (used with Vite) in development mode. Prior to version 0.5.8, the endpoint /__vite_rsc_findSourceMapURL accepts a file:// URL in the filename query parameter, converts it to a filesystem path, and reads the target file without validating its location, returning...

7.5CVSS6.6AI score0.0118EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/16 6:20 p.m.1 views

CVE-2025-68155 @vitejs/plugin-rsc has Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint on Development

@vitejs/plugin-rs provides React Server Components RSC support for Vite. Prior to version 0.5.8, the /viterscfindSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sendi...

7.5CVSS6.6AI score0.0118EPSS
Exploits0References4
OSV
OSVadded 2022/12/22 8:15 p.m.0 views

CVE-2022-28283

The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox 99...

6.5CVSS7.3AI score0.00323EPSS
Exploits1References2
OSV
OSVadded 2022/04/07 12:0 a.m.0 views

UBUNTU-CVE-2022-28283

The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox 99...

6.5CVSS7.3AI score0.00323EPSS
Exploits1References4
CNNVD
CNNVDadded 2022/04/05 12:0 a.m.0 views

Mozilla Firefox 安全特征问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature issue that stems from a lack of security checks in the sourceMapURL feature of devtools. A remote attacker could use the vulnerability to trick a victim into performing...

6.5CVSS8.3AI score0.00323EPSS
Exploits1References7
Rows per page
Query Builder