Vercel Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by vercel

JSON RSS CSV 🔔 Create Alert Trigger

15 May 2026

Arbitrary Command Execution Vulnerability in Turborepo LSP for VS Code by Vercel
CVE-2026-46508
VercelTurborepo8.4HIGH

13 May 2026

Remote Code Execution Vulnerability in Next.js Framework by Vercel
CVE-2026-45109
VercelNext.js7.5HIGH
Connection Exhaustion Vulnerability in Next.js Framework by Vercel
CVE-2026-44579
VercelNext.js7.5HIGH
Server-Side Request Forgery Vulnerability in Next.js Framework by Vercel
CVE-2026-44578
VercelNext.js🥇📈👾🟡8.6HIGH
Authorization Bypass in Next.js Framework by Vercel
CVE-2026-44574
VercelNext.js8.1HIGH
Authorization Bypass in Next.js Framework by Vercel
CVE-2026-44575
VercelNext.js7.5HIGH
Unauthorized Access in Next.js Framework Affecting Vercel
CVE-2026-44573
VercelNext.js7.5HIGH

3 July 2025

Denial of Service Vulnerability in Next.js by Vercel
CVE-2025-49826
VercelNext.js📈👾📰7.5HIGH

21 March 2025

Authorization Bypass in Next.js Framework by Vercel
CVE-2025-29927
VercelNext.js🥇📈👾🟡EPSS 92%📰9.1CRITICAL

14 October 2024

Potential Denial of Service (DoS) Vulnerability in Image Optimization Feature Affects Next.js Versions
CVE-2024-47831
VercelNext.js7.5HIGH

17 September 2024

Next.js vulnerability: Poisoned cache could expose sensitive data
CVE-2024-46982
VercelNext.js📈👾🟡EPSS 49%📰7.5HIGH

10 July 2024

Denial of Service Condition in Next.js Framework
CVE-2024-39693
VercelNext.js7.5HIGH

14 May 2024

9 February 2024

Predictable Package Names in pkg Lead to Security Risks
CVE-2024-24828
vercelpkg7.8HIGH

22 October 2023

Denial of Service Vulnerability in Next.js by Vercel
CVE-2023-46298
VercelNext.js7.5HIGH

10 December 2021

Unexpected server crash in Next.js
CVE-2021-43803
VercelNext.js7.5HIGH

31 August 2021

XSS in Image Optimization API for Next.js versions between 10.0.0 and 11.1.0
CVE-2021-39178
VercelNext.js7.5HIGH

23 January 2017

Denial of Service Vulnerability in Node.js ms Package
CVE-2015-8315
VercelMs7.5HIGH

Vercel Latest High & Critical Vulnerabilities

Vulnerability Published:

Sort By:

15 May 2026

Arbitrary Command Execution Vulnerability in Turborepo LSP for VS Code by Vercel

13 May 2026

Remote Code Execution Vulnerability in Next.js Framework by Vercel

Connection Exhaustion Vulnerability in Next.js Framework by Vercel

Server-Side Request Forgery Vulnerability in Next.js Framework by Vercel

Authorization Bypass in Next.js Framework by Vercel

Authorization Bypass in Next.js Framework by Vercel

Unauthorized Access in Next.js Framework Affecting Vercel

3 July 2025

Denial of Service Vulnerability in Next.js by Vercel

21 March 2025

Authorization Bypass in Next.js Framework by Vercel

14 October 2024

Potential Denial of Service (DoS) Vulnerability in Image Optimization Feature Affects Next.js Versions

17 September 2024

Next.js vulnerability: Poisoned cache could expose sensitive data

10 July 2024

Denial of Service Condition in Next.js Framework

14 May 2024

Next.js resolves response queue poisoning vulnerability in affected versions

Server-Side Request Forgery (SSRF) vulnerability in Next.js Server Actions

9 February 2024

Predictable Package Names in pkg Lead to Security Risks

22 October 2023

Denial of Service Vulnerability in Next.js by Vercel

10 December 2021

Unexpected server crash in Next.js

31 August 2021

XSS in Image Optimization API for Next.js versions between 10.0.0 and 11.1.0

23 January 2017

Denial of Service Vulnerability in Node.js ms Package