Ritikchaddha

Name of the Vulnerable Software and Affected Versions Vite versions 7.1.0 through 7.3.1 and 8.0.0 through 8.0.4 Description Vite, a frontend tooling framework for JavaScript, allows retrieval of files blocked by `server.fs.deny` (such as .env and *.crt files) with HTTP 200 responses when specific query parameters like ?raw, ?import&raw, or ?import&url&inline are appended to the request. This occurs when the Vite dev server is exposed to the network and sensitive files are both allowed by `server.fs.allow` and denied by `server.fs.deny`. Recommendations Vite versions 7.1.0 through 7.3.1 should be updated to version 7.3.2 or later. Vite versions 8.0.0 through 8.0.4 should be updated to version 8.0.5 or later.

Name of the Vulnerable Software and Affected Versions hoppscotch versions prior to 2026.3.0 Description hoppscotch, an open source API development ecosystem, contains a DOM-based open redirect issue in the '/enter' page. The `redirect` query parameter is used to construct a URL and redirect the user without validation. Recommendations Update to version 2026.3.0 or later.

**Name of the Vulnerable Software and Affected Versions** Appsmith versions prior to 1.98 **Description** Sensitive instance management API endpoints are exposed without authentication. Unauthenticated attackers can query endpoints such as '/api/v1/consolidated-api/view' and '/api/v1/tenants/current' to retrieve configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains for reconnaissance and targeted attack planning. **Recommendations** Update to version 1.98 or later.

**Name of the Vulnerable Software and Affected Versions** SiYuan versions prior to 3.6.0 **Description** SiYuan is a personal knowledge management system. The `/api/network/forwardProxy` endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to internal networks, localhost, or cloud metadata services. This could allow attackers to perform internal network reconnaissance, potentially steal cloud credentials, exfiltrate data, or bypass firewalls. The vulnerable code resides in `/kernel/api/network.go` (Lines 153-317) within the `forwardProxy` function, which only validates the URL format and not the destination. The `url` parameter within the JSON payload sent to the `/api/network/forwardProxy` endpoint is user-controlled. **Recommendations** Update SiYuan to version 3.6.0 or later.