CVE-2026-41211 | voidzero-dev vite-plus up to 0.1.16 downloadPackageManager path traversal (GHSA-33r3-4whc-44c2)

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability was found in voidzero-dev vite-plus up to 0.1.16. It has been declared as critical. Affected by this vulnerability is the function downloadPackageManager. The manipulation results in path traversal.

This vulnerability is identified as CVE-2026-41211. The attack is only possible with local access. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-41211 | voidzero-dev vite-plus up to 0.1.16 downloadPackageManager path traversal (GHSA-33r3-4whc-44c2)

Post correlati

CVE-2026-31018 | Dolibarr ERP CRM up to 22.0.4 Website code injection

CVE-2022-34270 | RWS WorldServer up to 11.7.2 UserWSUserManager access control

CVE-2024-10035 | BG-TEK Informatics Security Technologies CoslatV3 up to 3.1069 code injection

CVE-2024-30302 | Adobe Acrobat Reader up to 20.005.30539/23.008.20470 use after free (apsb24-07)