MAL-2026-5565 Malicious code in ai-sdk-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 501daa3c8b2c9c2609dc60fd90ae59710a603ae56fa5dcc867d24913889c5413 [email protected] is a typosquat impersonating the Vercel AI SDK ecosystem homepage ai-sdk.guide, author 'AI SDK Guide '. On npm install,...

Vercel AI SDK 资源管理错误漏洞

Vercel AI SDK is a JavaScript SDK provided by Vercel that supports the integration of large language models, streaming responses, and AI application development. Vercel AI SDK versions 3.0.97 and earlier contain a resource management vulnerability. This vulnerability stems from the functions...

Vercel AI SDK 代码问题漏洞

Vercel AI SDK is a JavaScript SDK developed by Vercel that supports the integration of large language models, streaming responses, and AI application development. Versions of Vercel AI 3.0.97 and earlier contain code vulnerabilities. These vulnerabilities stem from the validateDownloadUrl functio...

AI SDK 命令注入漏洞

AI SDK is a TypeScript AI toolkit open-sourced by Vercel. Versions of AI SDK 3.0.97 and earlier have a command injection vulnerability. This vulnerability stems from the run function in the PR Branch Name Interpolation component, where operating system commands can be injected, potentially allowi...

Malicious code in n8n-nodes-vercel-ai-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e3e7549add420dd6e29fcc100779e22f42e36e3d6a194d64ac5cefe5a764971 The package n8n-nodes-vercel-ai-sdk was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199066

Malicious code in n8n-nodes-vercel-ai-sdk npm...

MAL-2025-190977 Malicious code in n8n-nodes-vercel-ai-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e3e7549add420dd6e29fcc100779e22f42e36e3d6a194d64ac5cefe5a764971 The package n8n-nodes-vercel-ai-sdk was found to contain malicious code. Source: ghsa-malware...

CVE-2025-48985

A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade. More details:...

CVE-2025-48985

A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade. More details:...

CVE-2025-48985

A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta. This issue may have allowed users to bypass filetype whitelists when uploading files. All users are encouraged to upgrade. More details:...

PT-2025-45397

Name of the Vulnerable Software and Affected Versions Vercel AI SDK versions 5.0.52, 5.1.0-beta.9, and 6.0.0-beta Description A flaw exists in Vercel’s AI SDK that could allow users to bypass filetype whitelists during file uploads. This bypass could potentially lead to unauthorized file uploads...