Known Vulnerabilities for products from Vercel
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Vercel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44578 json | Not Provided | 2026-05-13 | 2026-05-13 | |
| CVE-2026-44479 json | Not Provided | 2026-05-13 | 2026-05-13 | |
| CVE-2025-7074 json | A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the function expand/braceE... | Not Provided | 2025-07-05 | 2026-04-29 |
| CVE-2023-46298 json | Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a ... | 7.5 - HIGH | 2023-10-22 | 2023-10-28 |
| CVE-2022-36046 json | Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true t... | 5.3 - MEDIUM | 2022-08-31 | 2022-09-07 |
| CVE-2022-23646 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-17 | 2022-02-25 |
| CVE-2022-21721 json | Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad act... | 7.5 - HIGH | 2022-01-28 | 2023-07-24 |
| CVE-2021-43803 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2021-12-10 | 2024-03-12 |
| CVE-2021-39178 json | Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In ... | 6.1 - MEDIUM | 2021-08-31 | 2021-09-08 |
| CVE-2021-37699 json | Next.js is an open source website development framework to be used with the React library. In affected versions specially enc... | 6.1 - MEDIUM | 2021-08-12 | 2021-08-20 |
| CVE-2020-15242 json | Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the traili... | 6.1 - MEDIUM | 2020-10-08 | 2020-12-03 |
| CVE-2017-20162 json | A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function ... | 5.3 - MEDIUM | 2023-01-05 | 2023-11-07 |
| CVE-2015-8315 json | The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version st... | Not Provided | 2017-01-23 | 2025-04-20 |
Known software with vulnerabilities from Vercel
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Vercel | Next.js | 1.0.0 |