{"vulnerability": "CVE-2026-53633", "sightings": [{"uuid": "c9323508-77dd-4272-8928-a6889b3a6bc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-53633", "type": "published-proof-of-concept", "source": "https://github.com/vitest-dev/vitest/security/advisories/GHSA-g8mr-85jm-7xhm", "content": "", "creation_timestamp": "2026-06-01T13:35:28.000000Z"}, {"uuid": "13f57400-12b6-442d-bcc0-bd75991c607f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53633", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqplostaaq2v", "content": "CVE-2026-53633 - browser\nVitest Browser Mode projects using a CDP-capable browser are at risk of remote code execution when the browser API server is exposed to the network. This can happen when an\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#browser #vitest #npm #CVE #infosec", "creation_timestamp": "2026-07-15T20:46:07.048353Z"}]}