
Vite CVE-2026-53571

HIGH
Path Traversal (CWE-22)
2026-06-15 https://github.com/vitejs/vite GHSA-fx2h-pf6j-xcff

Severity by source

vuln.today AI: 5.9 MEDIUM

Network-reachable file read with no auth/UI, but AC:H because the server must be Windows-hosted, network-exposed via non-default `--host`, and target a file on NTFS or with 8.3 enabled; impact is confidentiality only.

CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 4.0: AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Lifecycle Timeline

  • Source Code Evidence Fetched: Jun 15, 2026 - 17:50 (vuln.today)
  • Analysis Generated: Jun 15, 2026 - 17:50 (vuln.today)

Blast Radius

Ecosystem impact (from your stack dependencies; transitive graph resolved by vuln.today to a path depth of 4):
  • 31 npm packages depend on vite (27 direct, 4 indirect)
  • 11 npm packages depend on vite-plus (9 direct, 2 indirect)

Ecosystem-wide dependent count for version 8.0.0 and other introduced versions.

Description (source: CVE.org)

Summary

The contents of files that are specified by server.fs.deny can be returned to the browser on Windows.

Impact

Only apps that match all of the following conditions are affected:

  • the Vite dev server is explicitly exposed to the network (using --host or the server.host config option)
  • the sensitive file exists in the allowed directories specified by server.fs.allow
  • either of:
    • the sensitive file exists on an NTFS volume
    • the dev server is running on Windows and the sensitive file exists on a volume where 8.3 short name generation is enabled (it is enabled by default on system volumes)

Details

Vite’s dev server denies direct access to sensitive files through server.fs.deny, including entries such as .env, .env.*, and *.{crt,pem}. However, on Windows, the deny logic does not correctly normalize NTFS ADS path forms before access checks are applied. Because of this, requests such as /.env::$DATA?raw are treated as allowed paths, while Windows resolves them to the original file's default data stream.

Similarly, Windows allows a file to be accessed under a different name through the 8.3 short name compatibility feature. Vite did not reject access to files through such short names.

PoC

```bash
$ npm create vite@latest
$ cd vite-project/
$ npm install
$ npm run dev
```

Access via browser at http://localhost:5173/.env::$DATA?raw (the advisory includes a screenshot of the result at this point).

Example expected result:

  • /.env::$DATA?raw returns the contents of .env
  • /tls.pem::$DATA?raw returns the contents of tls.pem
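The Details and PoC sections above describe the root cause: the deny check compares the requested name against patterns like `.env` and `*.{crt,pem}` without first canonicalising the Windows-specific spellings of that same file. The following is an added, illustrative request-layer check written for this page; it is not Vite's code and not the fix shipped in the patched versions. It assumes a deny list in Vite's glob style (`DENY`), strips NTFS stream suffixes (`name::$DATA`, `name:stream:$DATA`) before matching, and refuses any path segment shaped like an 8.3 short name, because a request-layer check cannot know which long name such an alias maps to without asking the filesystem. The function names `isDeniedRequest`, `globToRegExp`, `stripStreamSuffix` and `looksLikeShortName` are this example's own.

```javascript
// Added example (not Vite's implementation): canonicalise Windows NTFS
// alternate-data-stream suffixes and 8.3 short-name aliases before a
// dev-server deny list is consulted.

// Deny patterns in the glob style the advisory quotes (assumed list).
const DENY = ['.env', '.env.*', '*.{crt,pem}'];

// Escape regular-expression metacharacters in a literal string.
function escapeRe(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Minimal glob -> RegExp: `*` matches within one segment, `{a,b}` alternates.
function globToRegExp(glob) {
  let re = '';
  for (let i = 0; i < glob.length; i++) {
    const ch = glob[i];
    if (ch === '*') {
      re += '[^/]*';
    } else if (ch === '{' && glob.indexOf('}', i) !== -1) {
      const end = glob.indexOf('}', i);
      const alts = glob.slice(i + 1, end).split(',').map(escapeRe);
      re += '(?:' + alts.join('|') + ')';
      i = end;
    } else {
      re += escapeRe(ch);
    }
  }
  // Case-insensitive: Windows file names are.
  return new RegExp('^' + re + '$', 'i');
}

// On NTFS, "name::$DATA" and "name:stream:$DATA" address streams of "name".
// ':' can never appear inside a Windows file name, so everything from the
// first ':' onward is a stream specifier and is dropped for deny matching.
function stripStreamSuffix(segment) {
  const idx = segment.indexOf(':');
  return idx === -1 ? segment : segment.slice(0, idx);
}

// Conservative shape test for an 8.3 short name: up to 8 base characters
// containing "~<digit>", optional extension of up to 3 characters
// (e.g. SECRET~1.PEM). A request-layer check cannot resolve such an alias
// to its long name, so matching segments are refused outright.
const SHORT_NAME_SHAPE = /^[^.]{2,8}(?:\.[^.]{1,3})?$/;
function looksLikeShortName(segment) {
  return SHORT_NAME_SHAPE.test(segment) && /~\d/.test(segment.split('.')[0]);
}

const DENY_RES = DENY.map(globToRegExp);

// Returns true when the request must be refused.
function isDeniedRequest(urlPath) {
  let path;
  try {
    // Drop the query string (e.g. "?raw") and percent-decode the path.
    path = decodeURIComponent(urlPath.split('?')[0]);
  } catch {
    return true; // malformed percent-encoding: refuse rather than guess
  }
  // Treat backslashes as separators, as Windows does.
  const segments = path.replace(/\\/g, '/').split('/').filter(Boolean);
  for (const seg of segments) {
    if (looksLikeShortName(seg)) return true;
    const canonical = stripStreamSuffix(seg);
    if (DENY_RES.some((re) => re.test(canonical))) return true;
  }
  return false;
}

// Constructed sample requests, including the two paths from the PoC.
const SAMPLE_REQUESTS = [
  '/.env::$DATA?raw',
  '/tls.pem::$DATA?raw',
  '/.env:secret:$DATA',
  '/SECRET~1.PEM',
  '/src/main.ts',
  '/config.json',
];
for (const r of SAMPLE_REQUESTS) {
  console.log(r.padEnd(24), isDeniedRequest(r) ? 'DENY' : 'allow');
}

module.exports = { isDeniedRequest, globToRegExp, stripStreamSuffix, looksLikeShortName };
```

The design point is ordering: normalisation happens before the deny patterns are evaluated, and the normalisation is driven by what the operating system will accept (`:` is a stream separator, `~1` is a generated alias), not by what the request looks like. Refusing short-name-shaped segments is deliberately coarse; a server that needs to serve such names would instead resolve the path through the filesystem to its long form and re-run the deny check on that.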

Analysis (AI-generated)

Sensitive file disclosure in Vite's development server on Windows allows remote attackers to bypass the server.fs.deny allowlist and retrieve files such as .env, TLS keys, and certificates by abusing NTFS Alternate Data Stream syntax (::$DATA) and 8.3 short filename aliases. Affected versions span Vite 6.x through 8.x and the vite-plus fork, and exploitation is only possible when the dev server is intentionally exposed to the network via --host or server.host. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

  • Access: Identify exposed Vite dev server on LAN
  • Delivery: Send GET request with `::$DATA` or 8.3 short-name suffix
  • Exploit: Bypass server.fs.deny normalization
  • Execution: Read .env / TLS key contents
  • Impact: Reuse harvested secrets against downstream services

Vulnerability Assessment (AI-generated)

Exploitation: Exploitation requires all of the following: (1) the Vite dev server is explicitly exposed to the network via the `--host` CLI flag or `server.host` config option (the default `localhost` binding is NOT reachable by remote attackers), (2) the sensitive target file resides within a directory listed in `server.fs.allow`, and (3) either the file sits on an NTFS volume (enabling the `::$DATA` ADS bypass) or the dev server runs on Windows with NTFS 8.3 short name generation enabled on the target volume (default on system volumes). …

Risk Assessment: No CVSS vector or EPSS score is provided in the input, and the CVE is not listed in CISA KEV, so quantitative ranking is limited. …

Exploit Scenario: A developer runs `vite` on a Windows laptop with `--host` to test the app from a phone on the same Wi-Fi network. An attacker on the same network (coffee shop, conference Wi-Fi, corporate LAN) requests `http://<dev-host>:5173/.env::$DATA?raw` and receives the contents of the project's `.env` file, harvesting database credentials, cloud API tokens, and signing keys. …

Remediation: Vendor-released patches are available: upgrade `vite` to 8.0.16, 7.3.5, or 6.4.3 depending on the major version in use, and `vite-plus` to 0.1.24, per GHSA-fx2h-pf6j-xcff (https://github.com/vitejs/vite/security/advisories/GHSA-fx2h-pf6j-xcff). …

Recommended Action (AI-generated)

Within 24 hours: Identify all Vite development servers exposed via --host or server.host configuration and immediately block network access. …
