Risk Scores
CVSS v4.0
2.299999952316284
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.02%
3.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| vitejs | vite | < 5.4.20, >= 6.0.0, < 6.3.6, >= 7.0.0, < 7.0.7 |
| npm | vite | 7.1.0, 7.0.0, 6.0.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 8, 2025 CVE Published
- Sep 9, 2025 EPSS Score
- Sep 9, 2025 Coalition ESS Score
- Sep 9, 2025 Coalition ESS Score
- Sep 9, 2025 CVE Updated
- Sep 16, 2025 EPSS Score
- Sep 17, 2025 Coalition ESS Score
- Sep 23, 2025 EPSS Score
- Sep 29, 2025 EPSS Score
- Oct 4, 2025 Coalition ESS Score
- Oct 6, 2025 EPSS Score
References
- https://github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3 url
- https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f url
- https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e url
- https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea url
- https://github.com/vitejs/vite/commit/6f01ff4fe072bcfcd4e2a84811772b818cd51fe6 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-58752 advisory
- https://github.com/vitejs/vite package
- https://github.com/vitejs/vite/blob/v7.1.5/packages/vite/CHANGELOG.md url