Detect CVE-2026-47429: Vitest UI Server Arbitrary File Read and Execution in Elastic Security
CVE-2026-47429 is a critical missing authorization vulnerability (CWE-862, CVSS 9.8) in the Vitest UI server. When the Vitest UI server is listening, unauthenticated remote attackers can read arbitrary files from the filesystem and execute arbitrary code. Affected versions include Vitest < 3.2.6 and >= 4.0.0, < 4.1.0. A public proof-of-concept exists. Exploitation typically involves sending crafted WebSocket or HTTP requests to the Vitest UI server's RPC endpoint to traverse the filesystem or trigger code execution via the browser plugin's file system command handlers.
MITRE ATT&CK
Elastic Detection Query
sequence by host.name with maxspan=5m
[process where event.type == "start"
and process.name in ("node", "node.exe")
and process.args : ("*vitest*", "*@vitest/ui*")
and process.args : ("*--ui*", "*ui*")]
[network where event.type == "connection"
and network.direction == "ingress"
and destination.port in (51204, 51205, 5173, 5174, 4173)
and not source.ip in ("127.0.0.1", "::1", "0:0:0:0:0:0:0:1")]
[file where event.type in ("open", "read", "access")
and file.path : ("*/.env", "*/id_rsa", "*/id_ed25519", "*/.pem", "*/shadow", "*/passwd", "*/credentials", "*/secrets*", "*/.aws/*")]EQL sequence correlation detecting the full CVE-2026-47429 exploitation chain: Vitest UI process start, followed by a remote inbound connection to a Vitest default port, followed by sensitive file access — all within a 5-minute window on the same host.
Data Sources
Required Tables
False Positives & Tuning
- Legitimate developer workflows where vitest --ui is running and config files are read during test initialization
- Docker-in-Docker CI environments where internal IPs are not classified as loopback
- Security scanning tools accessing Vitest ports during authorized penetration testing
- Monorepo tooling frameworks that launch Vitest UI as part of broader build processes
Other platforms for CVE-2026-47429
Testing Methodology
Validate this detection against 3 adversary techniques from Atomic Red Team. Each test below lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.
- Test 1CVE-2026-47429 - Vitest UI Arbitrary File Read via RPC
Expected signal: Network connection from external IP to port 5173; node process file open event for /etc/passwd; WebSocket upgrade request in proxy logs
- Test 2CVE-2026-47429 - Vitest UI Credential File Exfiltration Simulation
Expected signal: Sequence of file open events for multiple sensitive paths initiated by node process; multiple WebSocket messages to Vitest UI port within short timeframe
- Test 3CVE-2026-47429 - Vitest UI Remote Code Execution via Test Execution
Expected signal: Child process spawned by node with shell command arguments; file creation event at /tmp/vitest-rce-proof.txt; Sysmon Event ID 1 for child process of node.exe/node
References (8)
- https://github.com/vitest-dev/vitest/security/advisories/GHSA-5xrq-8626-4rwp
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/browser/src/node/commands/fs.ts#L10-L11
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/browser/src/node/plugin.ts#L194-L196
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/browser/src/node/rpc.ts#L115-L121
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/ui/node/index.ts#L77
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/vitest/src/api/setup.ts#L103-L105
- https://github.com/vitest-dev/vitest/blob/eb1abf08573032a532015b999ad3501c5e89e3bb/packages/vitest/src/api/setup.ts#L119-L121
- https://github.com/advisories/GHSA-5xrq-8626-4rwp
Unlock Pro Content
Get the full detection package for CVE-2026-47429 including response playbook, investigation guide, and atomic red team tests.