CVE report

CVE-2026-39364HIGH

Vite Dev Server - Directory Traversal

Events 7d

2

Distinct IPs

1

Severity

HIGH

CISA KEV

Not listed

Downloads & integrations

Top sources probing for CVE-2026-39364

Top networks the attempts come from

Fingerprints of the clients exploiting this

The HTTP (JA4H) and TLS (JA4) fingerprints seen on these attempts. Click one to see the whole population that carries it.

Sample request paths observed

  • /@fs/app/.env?raw??

URL patterns we match

An event counts toward CVE-2026-39364 if its URL path contains any of these substrings (case-insensitive).

  • · /.env?raw??