Vulnerability Database
296,748
Total vulnerabilities in the database
CVE-2025-31125
Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is fixed in 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11.
| Software | From | Fixed in |
|---|---|---|
vitejs / vite
|
6.2.0 | 6.2.4 |
|
vitejs / vite
|
6.1.0 | 6.1.3 |
|
vitejs / vite
|
6.0.0 | 6.0.13 |
|
vitejs / vite
|
5.0.0 | 5.4.16 |
|
vitejs / vite
|
- | 4.5.11 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime