{"uuid": "d36e2be9-5539-421e-9b15-a779cd2bb4b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-47428", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqotrh5lhp2u", "content": "CVE-2026-47428 - browser\nVitest's browser mode can execute malicious JavaScript if you visit a specially crafted URL. This could allow an attacker to steal your Vitest API token and use it to access your\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#browser #vitest #npm #CVE #infosec", "creation_timestamp": "2026-07-15T13:38:04.946277Z"}