CVE-2025-58752
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
Vite's `server.fs` settings were not applied to HTML files
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
References
- https://github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3
- https://nvd.nist.gov/vuln/detail/CVE-2025-58752
- https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f
- https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e
- https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea
- https://github.com/vitejs/vite/commit/6f01ff4fe072bcfcd4e2a84811772b818cd51fe6
- https://github.com/vitejs/vite
- https://github.com/vitejs/vite/blob/v7.1.5/packages/vite/CHANGELOG.md
Verify integrity in audit chain (admin only). AS-IS.