Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

vite

Ecosystem:
npm
Package URL:
pkg:npm/vite
Total PRs:
122,164 Dependabot PRs
Latest PR:
about 2 hours ago
Unique Repositories:
49,183 repositories
Unique Repos (30 days):
1,450 repositories
Security Advisories
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query
GHSA-4r4m-qw57-chr8 CVE-2025-31125 MODERATE published about 1 year ago • updated 1 day ago
### Summary The contents of arbitrary files can be returned to the browser. ### Impact Only apps explicitly exposing the Vite dev server to the n...
launch-editor: NTLMv2 hash disclosure via UNC path handling on Windows
GHSA-v6wh-96g9-6wx3 CVE-2026-53632 MODERATE published 6 days ago • updated 6 days ago
### Summary The `launch-editor` NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically ...
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem
GHSA-c24v-8rfc-w8vw CVE-2024-23331 HIGH published over 2 years ago • updated 1 day ago
### Summary [Vite dev server option](https://vitejs.dev/config/server-options.html#server-fs-deny) `server.fs.deny` can be bypassed on case-insensi...
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
GHSA-mv48-hcvh-8jj8 CVE-2022-35204 HIGH published almost 4 years ago • updated 1 day ago
Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Websites were able to send any requests to the development server and read the response in vite
GHSA-vg6x-rcgg-rjx6 CVE-2025-24010 MODERATE published over 1 year ago • updated 1 day ago
### Summary Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of...
View all 22 advisories
Recent PRs
RSS Feed
Bump vite from 7.3.5 to 8.0.16

gralamin/starwars-react-crawl #59

7.3.5 → 8.0.16 Major PR
Closed about 2 hours ago 2 comments
gralamin
chore(deps-dev)(deps-dev): bump the dev-deps group across 1 directory with 8 updates

2001leety-code/cocotrip-source- #988

7.3.3 → 7.3.5 Patch PR
Open about 3 hours ago 2 comments
2001leety-code
chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates

maiconramos/robo-multipost #103

6.4.1 → 6.4.3 Patch PR
Closed about 10 hours ago 2 comments
maiconramos
chore(deps): bump the npm-user-minor-patch group across 1 directory with 23 updates

CarterPerez-dev/CertGames-Core #313

8.0.14 → 8.0.16 Patch PR
Open about 10 hours ago 2 comments
CarterPerez-dev
chore(deps): bump the npm-admin-minor-patch group across 1 directory with 20 updates

CarterPerez-dev/CertGames-Core #312

8.0.14 → 8.0.16 Patch PR
Open about 10 hours ago 2 comments
CarterPerez-dev
chore(deps-dev): bump vite from 6.4.3 to 8.0.16

MapleAllen/snack-store-staff-management-system #4

6.4.3 → 8.0.16 Major PR
Closed about 12 hours ago 2 comments
MapleAllen
chore(deps): bump vite from 6.4.2 to 6.4.3

Hardonian/Settler #1194

6.4.2 → 6.4.3 Patch PR
Open about 18 hours ago 4 comments
Hardonian
chore(deps-dev): bump the public-linksite-development group in /PublicLinksite with 9 updates

darkiifr/Fiip #50

7.3.5 → 8.0.16 Major PR
Open about 22 hours ago 1 comment
darkiifr
Bump vite and @vitejs/plugin-react in /react-tutorial

shu0411/training #28

7.0.4 → 8.0.16 Major PR
Closed 1 day ago 4 comments
shu0411
chore(deps)(deps-dev): bump vite from 7.3.5 to 8.0.16 in /frontend

berntpopp/kidney-genetics-db #205

7.3.5 → 8.0.16 Major PR
Closed 1 day ago 3 comments
berntpopp
Bump the npm_and_yarn group across 6 directories with 7 updates

Dct555/core-js #6

8.0.10 → 8.0.16 Patch PR
Open 1 day ago 2 comments
Dct555
build(deps): bump the npm_and_yarn group across 6 directories with 5 updates

arthurianresolve/openclaw #16

8.0.14 → 8.0.16 Patch PR
Open 1 day ago 2 comments
arthurianresolve
chore(deps-dev): bump the npm_and_yarn group across 1 directory with 2 updates

goyaljiiiiii/Open-Source-Contribution-Atelier #306

6.4.2 → 8.0.16 Major PR
Open 1 day ago 2 comments
goyaljiiiiii
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

iridiumcao/iridium-remote #48

8.0.14 → 8.0.16 Patch PR
Open 1 day ago 1 comment
iridiumcao
Build(deps): bump the npm_and_yarn group across 23 directories with 7 updates

selfagency/extensions #60

7.3.2 → 7.3.5 Patch PR
Open 1 day ago 1 comment
selfagency
chore(deps)(deps): bump the npm-minor-patch group across 1 directory with 6 updates

vanalmsick/sweepstake #40

8.0.11 → 8.0.16 Patch PR
Open 1 day ago 4 comments
vanalmsick
chore(deps): bump the npm_and_yarn group across 4 directories with 10 updates

selfagency/jsonforms #2

5.4.21 → 6.4.3 Major PR
Open 1 day ago 3 comments
selfagency
chore(deps): bump the npm_and_yarn group across 2 directories with 5 updates

support371/crypto-signal-bot #117

7.3.2 → 8.0.16 Major PR
Open 1 day ago 3 comments
support371
build(deps): bump the npm_and_yarn group across 3 directories with 9 updates

mdjahid11978-design/clawback #14

8.0.10 → 8.0.16 Patch PR
Open 1 day ago 1 comment
mdjahid11978-design
Bump the npm_and_yarn group across 27 directories with 8 updates

ahump20/vercel #157

5.1.8 → 6.4.3 Major PR
Open 1 day ago 1 comment
ahump20
chore(deps): bump the npm_and_yarn group across 9 directories with 17 updates

truffle-ai/dexto #853

7.3.2 → 7.3.5 Patch PR
Open 1 day ago 1 comment
truffle-ai
chore(deps): Bump the npm_and_yarn group across 1 directory with 2 updates

neibaur/domain-placeholder-platform #59

7.3.3 → 7.3.5 Patch PR
Open 1 day ago 69 comments
neibaur
Bump the npm_and_yarn group across 2 directories with 16 updates

tabrezahmed51/Cloudflare-agents_0118 #10

7.2.4 → 7.3.5 Minor PR
Open 1 day ago 1 comment
tabrezahmed51
chore(deps): bump the npm_and_yarn group across 5 directories with 18 updates

EmiyaKiritsugu3/qwen-code #21

5.4.21 → 6.4.3 Major PR
Open 1 day ago 1 comment
EmiyaKiritsugu3
chore(deps): bump the npm_and_yarn group across 1 directory with 13 updates

maiconramos/robo-multipost #91

6.4.1 → 6.4.3 Patch PR
Closed 1 day ago 2 comments
maiconramos
chore(deps): bump the npm_and_yarn group across 2 directories with 11 updates

reevesc88/hermes-agent #20

7.3.2 → 7.3.5 Patch PR
Open 1 day ago 5 comments
reevesc88
Bump vite from 7.3.3 to 7.3.5

BoxingOctopusCreative/awpmanga-web #5

7.3.3 → 7.3.5 Patch PR
Open 2 days ago 1 comment
BoxingOctopusCreative
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

yowainwright/es-check #417

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 5 comments
yowainwright
chore(deps): bump the npm_and_yarn group across 1 directory with 5 updates

tehw0lf/yaft-admin #26

7.3.2 → 7.3.5 Patch PR
Closed 2 days ago 1 comment
tehw0lf
build(deps-dev): Bump vite from 7.3.3 to 7.3.5

HaraldeRoessler/moltrust-agent-firewall #8

7.3.3 → 7.3.5 Patch PR
Open 2 days ago 1 comment
HaraldeRoessler
chore(deps): bump the frontend-deps group across 1 directory with 34 updates

SimCorp/ai-gw #68

6.4.3 → 8.0.16 Major PR
Closed 2 days ago 1 comment
SimCorp
chore(deps): Bump the npm_and_yarn group across 1 directory with 12 updates

Sherlock999xxx/MCP-SuperAssistant #25

6.1.0 → 6.4.3 Minor PR
Open 2 days ago 3 comments
Sherlock999xxx
Bump vite from 8.0.5 to 8.0.16

ksojecki/rod-manager #22

8.0.5 → 8.0.16 Patch PR
Closed 2 days ago 1 comment
ksojecki
Bump vite from 7.3.3 to 7.3.5

sveltekit-i18n/lib #211

7.3.3 → 7.3.5 Patch PR
Open 2 days ago 14 comments
sveltekit-i18n
chore(deps-dev): bump vite from 7.3.2 to 7.3.5 in /hono-worker

ProjectEuropa/Europa #576

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 1 comment
ProjectEuropa
Bump vite from 7.3.2 to 7.3.5

dricholm/guess-the-hero #98

7.3.2 → 7.3.5 Patch PR
Closed 2 days ago 2 comments
dricholm
chore(deps-dev): bump vite from 7.3.2 to 7.3.5 in /frontend

looplj/axonhub #1874

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 1 comment
looplj
chore(deps): bump the npm_and_yarn group across 4 directories with 3 updates

graphql-hive/graphql-yoga #4532

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 1 comment
graphql-hive
chore(deps-dev): Bump vite from 7.3.2 to 7.3.5

ZethicTech/obsidian-mcp #34

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 1 comment
ZethicTech
Bump vite and @angular-devkit/build-angular in /adir_sheets_version/src/ui

google-marketing-solutions/adir #61

removed Removal PR
Open 2 days ago 3 comments
google-marketing-solutions
Bump vite from 6.4.2 to 6.4.3

tverderesi/personal-blog #99

6.4.2 → 6.4.3 Patch PR
Open 2 days ago 1 comment
tverderesi
Build(deps): Bump vite from 6.4.2 to 6.4.3

aarasawa/aarasawa.dev #84

6.4.2 → 6.4.3 Patch PR
Open 2 days ago 1 comment
aarasawa
chore(deps-dev): bump vite from 7.3.2 to 7.3.5 in the npm_and_yarn group across 1 directory

AptS-1547/dns-orchestrator #83

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 1 comment
AptS-1547
chore(deps-dev): bump vite from 7.3.2 to 7.3.5 in /example

anubra266/choc-autocomplete #329

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 3 comments
anubra266
chore(deps): bump the npm_and_yarn group across 19 directories with 9 updates

Cyptopimpinainteazy/x3-atomic-star #105

6.4.2 → 8.0.16 Major PR
Closed 2 days ago 2 comments
Cyptopimpinainteazy
chore(deps-dev): bump vite from 7.3.2 to 7.3.5

Guan-Erjia/slate-vue3 #39

7.3.2 → 7.3.5 Patch PR
Open 2 days ago 2 comments
Guan-Erjia
Bump the npm_and_yarn group across 10 directories with 18 updates

nssuwan186-dev/firebase-tools #79

4.2.1 → 6.4.3 Major PR
Closed 2 days ago 1 comment
nssuwan186-dev
Bump the npm_and_yarn group across 30 directories with 8 updates

kriptoburak/skills-2 #160

7.3.1 → 8.0.16 Major PR
Closed 2 days ago 1 comment
kriptoburak
build(deps-dev): bump vite and @vitejs/plugin-react in /demos/288-template-customization

mirichard/pm-tools-templates #953

7.3.2 → 8.0.16 Major PR
Open 2 days ago 59 comments
mirichard
chore(deps-dev): bump vite from 7.3.1 to 7.3.5 in /apps/web

Prekzursil/TanksFlashMobile #150

7.3.1 → 7.3.5 Patch PR
Closed 2 days ago 2 comments
Prekzursil
Package Details
Name: vite
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/vite
JSON API: View JSON
Security Advisories

22

Active advisories
HIGH 7
MODERATE 13
LOW 2
View All npm Advisories
Package Information
Description:

Native-ESM powered web dev build tool

Repository: https://github.com/vitejs/vite
Homepage: https://vite.dev
Latest Release: 6.3.5
about 1 year ago
Dependent Repos: 363,358
Dependent Packages: 31,388
Downloads: 105,034,023
Ranking: Top 0.0591% by dependent repos Top 0.036% by downloads Top 0.0036% by dependent pkgs
PR Status
Open 58,708 (48.1%)
Merged 15,942 (13.1%)
Closed 43,076 (35.3%)
PR Types
Major 39,186 (32.1%)
Minor 23,478 (19.2%)
Patch 53,852 (44.1%)
Removal 1,051 (0.9%)