8 matches found
CVE-2026-27118
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...
CVE-2026-27118
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...
CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...
CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...
CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...
CVE-2026-27118
CVE-2026-27118 affects the SvelteKit adapter for Vercel: versions prior to 6.3.2 are vulnerable to cache poisoning due to an internal ISR query parameter that is exposed on all routes. An attacker can trigger caching of sensitive user-specific responses to other users if a victim visits a crafted...
GHSA-9PQ4-5HCF-288C Cache poisoning in @sveltejs/adapter-vercel
Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowing an attacker to cause sensitive user-specific responses to be cached and served to other users...
PT-2026-20880
Name of the Vulnerable Software and Affected Versions @sveltejs/adapter-vercel versions prior to 6.3.2 Description @sveltejs/adapter-vercel is a framework used for developing web applications with Svelte. A flaw exists where an internal query parameter, designed for Incremental Static Regeneratio...