Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125) - Vulnerability Database

Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)

Description

Vite is a frontend build tool. This version contains an arbitrary file read vulnerability. Successful exploitation of this vulnerability can result in takeover of the server.

Remediation

Upgrade to the latest version of Vite

References

GitHub Security Advisory for CVE-2025-30208
GitHub Security Advisory for CVE-2025-31125

Related Vulnerabilities

Cleo Harmony/VLTrader/LexiCom RCE (CVE-2024-50623, CVE-2024-55956) Critical
Common tags: Arbitrary File Read Known Vulnerabilities
Sitecore Arbitrary File Read (CVE-2024-46938) High
Common tags: Arbitrary File Read Known Vulnerabilities
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability High
Common tags: Known Vulnerabilities
Python Uncontrolled Resource Consumption Vulnerability (CVE-2019-9674) High
Common tags: Known Vulnerabilities
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9675) High
Common tags: Known Vulnerabilities

Severity

High

Classification

CVE-2025-30208
CVE-2025-31125
CWE-200
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Arbitrary File Read
Known Vulnerabilities