Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/27 7:13 a.m.14 views

EUVD-2026-32108

AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...

6.8CVSS5.8AI score0.00083EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/18 12:31 a.m.14 views

EUVD-2026-30713

A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The...

7.5CVSS5.4AI score0.00385EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/05/17 10:45 p.m.8 views

CVE-2026-8768 vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery

A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The...

7.5CVSS6.7AI score0.00385EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/17 10:45 p.m.54 views

CVE-2026-8768 vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery

A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The...

7.5CVSS0.00385EPSS
Exploits1References6
Rows per page
Query Builder