CVE-2026-8769
- EPSS 0.02%
- Veröffentlicht 17.05.2026 23:00:13
- Zuletzt bearbeitet 19.05.2026 15:27:30
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This ...
CVE-2026-8768
- EPSS 0.06%
- Veröffentlicht 17.05.2026 22:45:09
- Zuletzt bearbeitet 19.05.2026 15:24:27
A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request fo...
CVE-2026-8767
- EPSS 0.31%
- Veröffentlicht 17.05.2026 22:30:09
- Zuletzt bearbeitet 19.05.2026 14:29:31
A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack c...
CVE-2025-48985
- EPSS 0.08%
- Veröffentlicht 07.11.2025 01:15:36
- Zuletzt bearbeitet 04.02.2026 21:11:11
A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade. More details: https://ve...