Vitejs Vite-plugin-react

2 CVEs affecting Vitejs Vite-plugin-react. Latest disclosed: 2025-12-16. Critical: 1, High: 1.

Top CVEs affecting Vitejs Vite-plugin-react
CVESeverityScorePublishedSummary
CVE-2025-67489Critical9.82025-12-09@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Versions 0.5.5 and below are vulnerable to arbitrary remote code execution on the de…
CVE-2025-68155High7.52025-12-16@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the `/__vite_rsc_findSourceMapURL` endpoint in `@vitejs/plug…