Product
An arbitrary file read vulnerability exists in Vitest when the UI server is listening, especially when exposed to the network, allowing an attacker to read arbitrary files outside the project directory and potentially execute arbitrary scripts.