Tag
A high-severity vulnerability (CVE-2026-53571) in the Vite development server on Windows allows threat actors to bypass `server.fs.deny` restrictions, leading to information disclosure of sensitive files like `.env` or `tls.pem` via crafted HTTP requests utilizing NTFS Alternate Data Streams or 8.3 short names, impacting applications that expose the dev server to the network.