Vulnerabilidades em vercel
54 resultadosCVE-2025-32421LOWNext.js Race Condition to Cache PoisoningEPSS 0.6%CVE-2026-8769MEDIUMvercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumptionEPSS 0.6%CVE-2025-7074MEDIUMvercel hyper rimraf-standalone.js ignoreMap redosEPSS 0.5%CVE-2025-55173MEDIUMNext.js Content Injection Vulnerability for Image OptimizationEPSS 0.5%CVE-2024-39693HIGHNext.js Denial of Service (DoS) conditionEPSS 0.5%CVE-2026-27979MEDIUMNext.js: Unbounded postponed resume buffering can lead to DoSEPSS 0.5%CVE-2026-44579HIGHNext.js: Denial of Service via connection exhaustion in applications using Cache ComponentsEPSS 0.5%CVE-2025-59471MEDIUMA denial of service vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. EPSS 0.4%CVE-2026-29057MEDIUMNext.js: HTTP request smuggling in rewritesEPSS 0.4%CVE-2025-49005LOWNext.js cache poisoning due to omission of Vary headerEPSS 0.4%CVE-2026-44577MEDIUMNext.js: Denial of Service in the Image Optimization APIEPSS 0.4%CVE-2026-45109HIGHNext.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routesEPSS 0.4%CVE-2026-45772NONETurborepo: Unexpected local code execution during Yarn Berry detectionEPSS 0.4%CVE-2026-8768MEDIUMvercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgeryEPSS 0.4%CVE-2026-44574HIGHNext.js: Middleware / Proxy bypass through dynamic route parameter injectionEPSS 0.4%CVE-2025-30218LOWNext.js may leak x-middleware-subrequest-id to external hostsEPSS 0.4%CVE-2025-59472MEDIUMA denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR rEPSS 0.4%CVE-2026-44573HIGHNext.js: Middleware / Proxy bypass in Pages Router applications using i18nEPSS 0.4%CVE-2025-57752MEDIUMNext.js Affected by Cache Key Confusion for Image Optimization API RoutesEPSS 0.3%CVE-2025-46332MEDIUMInformation Disclosure via Flags override linkEPSS 0.3%