CVE-2026-47428 - Vitest browser mode serves unsanitized otelCarrier query parameter as inline script
CVE ID :CVE-2026-47428 Published : July 14, 2026, 8:17 p.m. | 17 minutes ago Description :Vitest is a testing framework powered by Vite. From 4.0.17 until 4.1.6 and 5.0.0-beta.3, Vitest Browser Mode served /__vitest_test__/ with the otelCarrier query parameter inserted directly into an inline...