CVE-2025-58752 — Vulnetix

CVE-2025-58752 PUBLISHED CVSS 2.299999952316284 LOW

Vite's `server.fs` settings were not applied to HTML files

EPSS 0.03% · 8.0th percentile

Risk Scores

CVSS 4.0

2.299999952316284

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS Score

0.03%

8.0th percentile

Affected Products

Vendor	Product	Versions
vitejs	vite	>= 7.0.0, < 7.0.7, >= 7.1.0, < 7.1.5, 0
npm	vite	7.1.0, 7.0.0, 6.0.0

Exploit Intelligence

CIRCL seen: CVE-2025-58752 (circl-sighting)
https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f (circl)
https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e (circl)
https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea (circl)
https://github.com/vitejs/vite/commit/6f01ff4fe072bcfcd4e2a84811772b818cd51fe6 (circl)
https://github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3 (cve.org)
lisa24-exploit-tests.py (github-poc)
lisa24-exploit-tests.py (github-poc)
lisa24-exploit-tests.py (github-poc)
lisa24-exploit-tests.py (github-poc)

…and 4 more exploits

Timeline

Jan 21, 1970 Security Advisory
Sep 8, 2025 CVE Published
Sep 9, 2025 EPSS Score
Sep 9, 2025 Coalition ESS Score
Sep 9, 2025 Coalition ESS Score
Sep 9, 2025 CVE Updated
Sep 16, 2025 EPSS Score
Sep 17, 2025 Coalition ESS Score
Sep 24, 2025 EPSS Score
Oct 1, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›