Known exploited
Vite
CVE published 2026-01-22
CVE-2025-31125
CVE-2025-31125 is an improper access control vulnerability in Vitejs that CISA added to the Known Exploited Vulnerabilities (KEV) catalog on 2026-01-22. Because it is KEV-listed, defenders should treat it as a time-sensitive issue and prioritize remediation using vendor guidance. The supplied corpus does not include a CVSS score or additional technical impact details beyond the access-control classification.