vercel

Top products

The 15 most recently published vulnerabilities affecting vercel.

• CVE-2026-8769vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption4.3May 17, 2026
• CVE-2026-8768vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery7.3May 17, 2026
• CVE-2026-8767vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection5.0May 17, 2026
• CVE-2026-45773Turborepo: Login callback CSRF/session fixation6.5May 15, 2026
• CVE-2026-46508Turborepo: VSCode Extension command injection7.8May 15, 2026
• CVE-2026-45772Turborepo: Unexpected local code execution during Yarn Berry detection9.8May 15, 2026
• CVE-2026-45109Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes7.5May 13, 2026
• CVE-2026-44582Next.js: Cache poisoning via collisions in React Server Component cache-busting3.7May 13, 2026
• CVE-2026-44581Next.js: Cross-site scripting in App Router applications using CSP nonces4.7May 13, 2026
• CVE-2026-44580Next.js: Cross-site scripting in beforeInteractive scripts with untrusted input6.1May 13, 2026
• CVE-2026-44579Next.js: Denial of Service via connection exhaustion in applications using Cache Components7.5May 13, 2026
• CVE-2026-44578Next.js: Server-side request forgery in applications using WebSocket upgrades8.6May 13, 2026
• CVE-2026-44577Next.js: Denial of Service in the Image Optimization API5.9May 13, 2026
• CVE-2026-44576Next.js: Cache poisoning in React Server Component responses5.4May 13, 2026
• CVE-2026-44574Next.js: Middleware / Proxy bypass through dynamic route parameter injection8.1May 13, 2026