You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
have a sensitive content in files ending with .map and the path is predictable
Details
In Vite v7.3.1, the dev server’s handling of .map requests for optimized dependencies resolves file paths and calls readFile without restricting ../ segments in the URL. As a result, it is possible to bypass the server.fs.strict allow list and retrieve .map files located outside the project root, provided they can be parsed as valid source map JSON.
PoC
Create a minimal PoC sourcemap outside the project root
the sensitive file exists in the allowed directories specified by server.fs.allow
either of:
the sensitive file exists in an NTFS volume
the dev server is running on Windows and the sensitive file exists in a volume that 8.3 short name generation is enabled (it is enabled by default on system volumes)
Details
Vite’s dev server denies direct access to sensitive files through server.fs.deny, including entries such as .env, .env.*, and *.{crt,pem}. However, on Windows, the deny logic does not correctly normalize NTFS ADS path forms before access checks are applied.
Because of this, requests such as /.env::$DATA?raw are treated as allowed paths, while Windows resolves them to the original file's default data stream.
Similar to that, Windows allows accessing a file using a different name with the 8.3 short name compatibility feature. Vite did not reject accessing files via them.
PoC
$ npm create vite@latest
$ cd vite-project/
$ npm install
$ npm run dev
Access via browser at http://localhost:5173/.env::$DATA?raw
Example expected result:
/.env::$DATA?raw returns the contents of .env
/tls.pem::$DATA?raw returns the contents of tls.pem
The launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result in credential compromise through offline hash cracking.
Impact
If the following conditions are met, an attacker can get the NTLMv2 password hash on the computer that is using the launch-editor:
the user accesses the attackers website that sends request to a middleware using launch-editor
the server that has the middleware using launch-editor is running
the attacker knows the URL for that server and the middleware
This would be a problem if the user password is too simple that it can be identified through offline hash cracking, potentially leading to further compromise of developer accounts or internal systems.
Details
launch-editor accepts file paths without validating or restricting Windows UNC paths such as:
\\attacker-host\share
On Windows systems, accessing a UNC path triggers an automatic NTLM authentication attempt to the remote SMB server. No user interaction or warning is required for this authentication attempt to occur.
If an attacker controls the SMB server referenced by the UNC path the victim’s NTLMv2 hash is transmitted to the attacker. The attacker can then capture the hash and perform offline password cracking. Successful cracking reveals the victim’s cleartext password.
The attacker could target a developer that uses a development server using launch-editor to develop code locally, send them a link and grab their NTLMv2 hash.
PoC
From the attacker side, we will setup an SMB server. I personally used Impacket's smbserver.py, but you could use something like Responder for this as well. For keeping it simple, we will use smbserver.py here.
First, let's create a directory to serve as an SMB share.
Now, run any project that uses the launch-editor package. I have setup a simple "Hello world" project that uses Vite to do this. Then run the project locally (vite).
Now last, we will open a browser window and navigate to the URL used by the launch-editor package to trigger the NTLM authentication. Or we can use curl to achieve the same.
Note the IP address in the HTTP request, and make sure it connects to the IP address of the SMB server. Now we can look at the logs of smbserver.py and see the NTLMv2 hash coming in.
Next steps: Take a moment to review the security alert above. Review
the linked package source code to understand the potential risk. Ensure the
package is not malicious before proceeding. If you're unsure how to proceed,
reach out to your security team or ask the Socket team for help at
support@socket.dev.
Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^5.2.11→^8.0.0Vite Vulnerable to Path Traversal in Optimized Deps
.mapHandlingCVE-2026-39365 / GHSA-4w7w-66w2-5vf9
More information
Details
Summary
Any files ending with
.mapeven out side the project can be returned to the browser.Impact
Only apps that match the following conditions are affected:
--hostorserver.hostconfig option).mapand the path is predictableDetails
In Vite v7.3.1, the dev server’s handling of
.maprequests for optimized dependencies resolves file paths and callsreadFilewithout restricting../segments in the URL. As a result, it is possible to bypass theserver.fs.strictallow list and retrieve.mapfiles located outside the project root, provided they can be parsed as valid source map JSON.PoC
/@​fsaccess is blocked bystrict(returns 403)../segments under the optimized deps.mapURL prefix to reach/tmp/poc.mapSeverity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:NReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
vite:
server.fs.denybypass on Windows alternate pathsCVE-2026-53571 / GHSA-fx2h-pf6j-xcff
More information
Details
Summary
The contents of files that are specified by
server.fs.denycan be returned to the browser on Windows.Impact
Only apps that match the following conditions are affected:
--hostorserver.hostconfig option)server.fs.allowDetails
Vite’s dev server denies direct access to sensitive files through
server.fs.deny, including entries such as.env,.env.*, and*.{crt,pem}. However, on Windows, the deny logic does not correctly normalize NTFS ADS path forms before access checks are applied.Because of this, requests such as
/.env::$DATA?raware treated as allowed paths, while Windows resolves them to the original file's default data stream.Similar to that, Windows allows accessing a file using a different name with the 8.3 short name compatibility feature. Vite did not reject accessing files via them.
PoC
$ npm create vite@latest $ cd vite-project/ $ npm install $ npm run devAccess via browser at

http://localhost:5173/.env::$DATA?rawExample expected result:
/.env::$DATA?rawreturns the contents of.env/tls.pem::$DATA?rawreturns the contents oftls.pemSeverity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:NReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
launch-editor: NTLMv2 hash disclosure via UNC path handling on Windows
CVE-2026-53632 / GHSA-v6wh-96g9-6wx3
More information
Details
Summary
The
launch-editorNPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result in credential compromise through offline hash cracking.Impact
If the following conditions are met, an attacker can get the NTLMv2 password hash on the computer that is using the
launch-editor:launch-editorlaunch-editoris runningThis would be a problem if the user password is too simple that it can be identified through offline hash cracking, potentially leading to further compromise of developer accounts or internal systems.
Details
launch-editoraccepts file paths without validating or restricting Windows UNC paths such as:On Windows systems, accessing a UNC path triggers an automatic NTLM authentication attempt to the remote SMB server. No user interaction or warning is required for this authentication attempt to occur.
If an attacker controls the SMB server referenced by the UNC path the victim’s NTLMv2 hash is transmitted to the attacker. The attacker can then capture the hash and perform offline password cracking. Successful cracking reveals the victim’s cleartext password.
The attacker could target a developer that uses a development server using
launch-editorto develop code locally, send them a link and grab their NTLMv2 hash.PoC
From the attacker side, we will setup an SMB server. I personally used Impacket's smbserver.py, but you could use something like Responder for this as well. For keeping it simple, we will use
smbserver.pyhere.First, let's create a directory to serve as an SMB share.
Then, start the SMB server.
Now, run any project that uses the launch-editor package. I have setup a simple "Hello world" project that uses Vite to do this. Then run the project locally (
vite).Now last, we will open a browser window and navigate to the URL used by the launch-editor package to trigger the NTLM authentication. Or we can use
curlto achieve the same.Note the IP address in the HTTP request, and make sure it connects to the IP address of the SMB server. Now we can look at the logs of
smbserver.pyand see the NTLMv2 hash coming in.Severity
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:HReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
Release Notes
vitejs/vite (vite)
v8.1.5Compare Source
Please refer to CHANGELOG.md for details.
v8.1.4Compare Source
Features
Bug Fixes
import.meta.urlin preload function as-is (#22839) (f1f90ed)Documentation
@defaultforserver.cors(#22859) (70435b2)Miscellaneous Chores
Code Refactoring
Tests
Build System
onwarnwithonLog(#22741) (c581b55)v8.1.3Compare Source
Bug Fixes
es-module-lexerto 2.3.0 (#22838) (7103c3a)v8.1.2Compare Source
Bug Fixes
v8.1.1Compare Source
Features
Bug Fixes
import.meta.hot.invalidate()(#22797) (709eb8e)@importurls with lightningcss (#22718) (9fa7ab4)esbuild.jsxSideEffectswhen converting tooxc.jsx.pure(#22809) (33895ba)ERR_CLOSED_SERVERin scanner (#22784) (085a0ab)inputfromroot(#22769) (9722b07)Miscellaneous Chores
Code Refactoring
Object.valuescalls (#22790) (1113acf)Tests
v8.1.0Compare Source
Features
server.fs.denylist with common files (#22707) (61ba8fd)~for Rolldown (#22693) (9928722)Bug Fixes
Code Refactoring
rolldownOptionsproperty for chunkImportMap (#22692) (8e8816c)v8.0.16Compare Source
Bug Fixes
v8.0.15Compare Source
Features
Bug Fixes
Miscellaneous Chores
Code Refactoring
collectAllModulesfunction (#22562) (6978a9c)v8.0.14Compare Source
Features
Bug Fixes
Miscellaneous Chores
Code Refactoring
Tests
v8.0.13Compare Source
Features
onEnd(#22357) (47071ce)Bug Fixes
write=false(#22328) (158e8ae)name/originalFileNamein syntheticassetFileNamescall (#22439) (8e59c97)isBundledper environment (#22257) (a576326)Miscellaneous Chores
v8.0.12Compare Source
Features
Bug Fixes
rolldownOptionsinstead of deprecatedrollupOptionsin messages (#22400) (b675c7b)build.targetto worker bundle (#22404) (3c93fde)Miscellaneous Chores
v8.0.11Compare Source
Features
Bug Fixes
Documentation
Miscellaneous Chores
Code Refactoring
Tests
v8.0.10Compare Source
Features
Bug Fixes
hmrClient.logger.debugandhmrClient.logger.errorlooked different from other HMR logs (#22147) (a4d828f).css?inline(#22292) (83f0a78)Code Refactoring
v8.0.9Compare Source
Features
Bug Fixes
watchChangehook (#22188) (fc08bda)?rawimports (#22148) (3ec9cda)Documentation
Miscellaneous Chores
v8.0.8Compare Source
Features
Bug Fixes
dns.getDefaultResultOrdertemporary (#22202) (15f1c15)v8.0.7Compare Source
Bug Fixes
v8.0.6Compare Source
Features
Bug Fixes
Performance Improvements
getLocalhostAddressIfDiffersFromDNSwhen DNS order isverbatim(#22151) (56ec256)Miscellaneous Chores
v8.0.5Compare Source
Bug Fixes
server.fsafter stripping query as well (#22160) (a9a3df2)v8.0.4Compare Source
Features
Bug Fixes
hasBothRollupOptionsAndRolldownOptionsshould returnfalsefor proxy case (#22043) (99897d2)vite/modulepreload-polyfill(#22126) (17330d2)#(#22038) (3460fc5)Documentation
environment.fetchModuledocumentation (#22035) (54229e7)Miscellaneous Chores
Code Refactoring
v8.0.3Compare Source
Features
Bug Fixes
metaidentifier insideimport.metawhen a binding namedmetaexists (#22019) (cff5f0c)Miscellaneous Chores
Tests
getCssFilesForChunk(#22016) (43fbbf9)v8.0.2Compare Source
Features
Bug Fixes
Miscellaneous Chores
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.