
SANS Stormcast Friday, April 3rd, 2026: Vite Exploits; OpenSSH 10.3; Claude Code Vuln
Hello and welcome to the Friday, April 3, 2026 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, recording today from Orlando, Florida, and this episode is brought to you by the SANS.edu Graduate Certificate Program. In incident response today, I noticed in our honeypots that we are seeing some scans for a vulnerability in the developer tool Vite. This vulnerability was discovered by OffSec last July and now apparently is being exploited. It's a fairly straightforward to exploit vulnerability, even though I doubt that there will be a lot of exposed systems. Typically this particular tool listens on port 5173. Well, this is not where the scans are going to. These scans are going to standard HTTP ports. So that's the first thing that made me think a little bit that maybe they're looking for someone who maybe misconfigured this particular tool. The problem with the tool is that it does provide access to files on the local file system via simple HTTP requests. All you need is a prefix, and that will then basically just map to the file system, disregarding the document root settings and things like this. However, there is some access control that is provided that basically limits this access to certain directories. However, the vulnerability discovered last July does allow arbitrary access as long as the URL ends in "raw". So that particular suffix essentially then bypasses the access control. If you're running Vite, please make sure that you are running it securely, that you're not exposing it, and that you're also running the latest version. And by the way, this tool, well, it's pronounced "vid", but it's really sort of a French tool and the spelling is V-I-T-E, so some people may pronounce it like "videe" or something like that. And OpenSSH version 10.3 has been released, and with that a number of security issues were addressed.
None of these security issues would I consider critical or something that would require you to patch now. If there is an update for your particular Unix distribution, then of course apply these updates. The one vulnerability that sounds critical, because yes, it is a code execution vulnerability, does require a very specific configuration, and it also basically is only exploitable if the attacker is able to supply a username parameter. Plus you need to have a percent token in your configuration that would then be expanded. So it's highly unlikely that this can be sort of leveraged in a real attack. Still, as the patch becomes available, just update. And you probably heard a couple of days ago that Claude Code leaked its source code. This wasn't really a compromise per se; it was really just, well, being careless in publishing a new version of Claude Code, including source maps. But with the source code available now, of course, various researchers are looking for hidden features or for vulnerabilities. Adversa found one interesting vulnerability in Claude Code that affects the security feature where a developer is able to not allow Claude Code to run certain shell commands. Well, of course, Claude Code is all about allowing Claude Code to run shell commands, but you may want to be a little bit careful here and, for example, not run a command like rm or maybe curl or such without getting some approval or without any further scrutiny. The problem here is that by itself the feature works great, but if you have more than 50 commands in a row, so you basically just take the dangerous command like rm and you first run 50 unrelated benign commands, well, then this security check is skipped. The problem here apparently is that the security check would cost too many tokens, so it's too costly, and as a result Claude Code just silently skips the security check. So be careful with all of these agentic tools. Personally, I actually like the idea of using a remote machine for development like this.
That way my main work machine is not necessarily affected by anything going wrong here during development. Well, and this is it for today. So thanks again for listening, thanks for liking, thanks for subscribing, and as always, talk to you again on Monday. Bye.
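The Vite scanning described in the episode (probes arriving on standard HTTP ports rather than 5173, and URLs ending in "raw" to reach outside the allowed directories) can be picked out of web-server or honeypot logs with a small filter. The following is an added example and not ISC or Vite project code: the log format and the log lines are constructed, and the `/@fs/` file-system prefix is an assumption beyond the episode, which only mentions "a prefix". Legitimate Vite `?raw` asset imports stay inside the project, so the filter only flags a "raw" request when the path also uses the file-system prefix or climbs out with `..`.

```python
"""Flag log lines that look like probes for the Vite dev-server file-read
issue discussed in the episode.  Added example, not ISC or Vite code.
The log format and every log line below are constructed."""
import re
from urllib.parse import urlsplit, unquote

# Vite's file-system-serving prefix (assumption: the episode only says "a prefix").
FS_PREFIX = "/@fs/"
# Vite's default dev-server port, from the episode.
VITE_DEFAULT_PORT = 5173

# Constructed log layout: "<src> <dst_port> - - [<ts>] \"<METHOD> <target> HTTP/x.y\" <status> <bytes>"
LOG_RE = re.compile(
    r'^(?P<src>\S+) (?P<dport>\d+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def is_vite_raw_probe(target: str) -> bool:
    """True when a request target ends in "raw" AND reaches outside the project.

    The "raw" suffix is the bypass described in the episode; the second
    condition keeps ordinary ?raw asset imports from being flagged."""
    parts = urlsplit(target)
    path = unquote(parts.path)                 # decode %2e%2e / %2f tricks
    query = unquote(parts.query).rstrip("?")   # "raw??" and "import&raw??" end in raw
    ends_in_raw = query.endswith("raw")
    outside_project = path.startswith(FS_PREFIX) or "/../" in path
    return ends_in_raw and outside_project

def scan_log(lines):
    """Return one dict per suspicious line, noting whether the request hit a
    port other than Vite's default (the detail that caught the host's eye)."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_vite_raw_probe(m["target"]):
            continue
        dport = int(m["dport"])
        hits.append({
            "src": m["src"],
            "dport": dport,
            "target": m["target"],
            "nonstandard_vite_port": dport != VITE_DEFAULT_PORT,
        })
    return hits

# Constructed sample: two probes on ports 80/443, one legitimate ?raw import, one plain page.
SAMPLE_LOG = [
    '198.51.100.7 80 - - [03/Apr/2026:06:12:01 +0000] "GET /@fs/etc/hostname?raw HTTP/1.1" 404 0',
    '198.51.100.7 443 - - [03/Apr/2026:06:12:02 +0000] "GET /src/../../etc/hostname?import&raw?? HTTP/1.1" 404 0',
    '203.0.113.9 5173 - - [03/Apr/2026:06:13:10 +0000] "GET /src/assets/logo.svg?raw HTTP/1.1" 200 812',
    '203.0.113.9 80 - - [03/Apr/2026:06:13:11 +0000] "GET /index.html HTTP/1.1" 200 1420',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Run against a real access log, the two conditions together keep the noise down; a hit on port 80 or 443 is the misconfiguration case the episode worries about (the dev server exposed behind a normal web port), and the fix is to stop exposing the dev server and to update Vite.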
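The Claude Code issue the episode describes, a command restriction that is silently skipped once a session has run more than 50 commands because the check is considered too expensive, is a general failure mode: a security control with a per-session budget. The toy model below is an added example and not Anthropic's code; the deny-list format, the 50-command limit and the commands are assumptions chosen to illustrate the episode. It runs the same session (50 benign commands followed by a denied one) through a budgeted gate that reproduces the described skip and through a gate that checks every command.

```python
"""Toy model of a command gate whose deny-list check has a per-session budget,
the failure mode the episode attributes to Claude Code.  Added example, not
Anthropic's code; rule format, limit and commands are assumptions."""
import shlex

DENIED_PROGRAMS = {"rm", "curl"}   # the kind of deny list the episode mentions
CHECK_BUDGET = 50                  # after this many commands the flawed gate stops checking

def program_of(command: str) -> str:
    """First token of a shell command line, e.g. 'rm' for 'rm -rf build'."""
    try:
        tokens = shlex.split(command)
    except ValueError:             # unbalanced quotes etc.
        return ""
    return tokens[0] if tokens else ""

def run_session(commands, budgeted: bool):
    """Return a list of (command, allowed) decisions for one session.

    budgeted=True reproduces the described flaw: once more than CHECK_BUDGET
    commands have been seen, the deny-list check is skipped to save cost and
    the command is allowed.  budgeted=False evaluates every command."""
    decisions = []
    for n, cmd in enumerate(commands, start=1):
        if budgeted and n > CHECK_BUDGET:
            allowed = True                                   # check silently skipped
        else:
            allowed = program_of(cmd) not in DENIED_PROGRAMS # the actual check
        decisions.append((cmd, allowed))
    return decisions

def denied_command_slipped_through(commands, budgeted: bool) -> bool:
    """True if any command on the deny list was allowed to run."""
    return any(allowed and program_of(cmd) in DENIED_PROGRAMS
               for cmd, allowed in run_session(commands, budgeted))

# Constructed session: 50 unrelated benign commands, then a denied one.
SESSION = ["ls -la"] * CHECK_BUDGET + ["rm -rf build"]

if __name__ == "__main__":
    print("budgeted gate leaks:", denied_command_slipped_through(SESSION, budgeted=True))
    print("always-check gate leaks:", denied_command_slipped_through(SESSION, budgeted=False))
```

The point of the model is the shape of the defect rather than the specific tool: any control that can be skipped for cost reasons turns the cost threshold into the bypass, so a policy check has to be cheap enough to run on every command or fail closed when its budget runs out.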
Host: Johannes B. Ullrich
Main Theme:
A concise update on three significant cybersecurity topics: exploitation of a Vite developer tool vulnerability, OpenSSH 10.3 security updates, and a newly discovered vulnerability in the Claude code platform following a source code leak.
[00:20–02:10]
"So that particular suffix essentially then bypasses the access control."
"If you're running Vite, please make sure that you are running it securely, that you're not exposing it, and that you're also running the latest version."
— Johannes, [01:37]
[02:11–03:06]
"None of these security issues I would consider critical or something that would require you to patch now... Still, as the patch becomes available, just update."
— Johannes, [02:20]
[03:07–04:27]
"That way my main work machine is not necessarily affected by anything going wrong here during development."
— Johannes, [04:15]
"The problem here is that by itself the feature works great, but if you have more than 50 commands in a row...then this security check is skipped."
— Johannes, [03:52]
On Vite Mispronunciations:
"By the way, this tool, well, it's pronounced "vid", but it's really sort of a French tool and the spelling is V-I-T-E, so some people may pronounce it like "videe" or something like that."
— Johannes, [01:49]
On Claude Code Security Flaw:
"You may want to be a little bit careful here and, for example, not run a command like rm or maybe curl or such without getting some approval or without any further scrutiny."
— Johannes, [03:27]
Johannes maintains a calm, practical, and slightly technical tone, emphasizing vigilance over panic. He cautions listeners about newly emerging threats, encourages keeping systems up-to-date, and shares practical advice for safe development practices.
Closing advice:
"Be careful with all of these agentic tools. Personally, I actually like the idea of using a remote machine for development like this."
— Johannes, [04:13]
For additional details or to submit questions, visit: https://isc.sans.edu/contact.html