261 matches found
CVE-2026-44479
Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, hen the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the us...
vercel 信息泄露漏洞
Vercel is an open-source cloud platform for application development and deployment. Versions of Vercel from 50.16.0 to 52.0.0 have a vulnerability related to information leakage. This vulnerability arises when commands that cannot be executed autonomously are run in non-interactive mode. If...
Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades
Impact Self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or...
Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites
Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect...
@caliperai/caliper (>=0.2.0 <=0.3.0), @doccov/api (>=0.6.0 <=0.6.4) +12 more potentially affected by CVE-2026-44479 via vercel (>=50.41.0 <=51.8.0)
vercel NPM version =50.41.0, =0.2.0, =0.6.0, =0.3.0-rc.2, =3.10.3, =1.1.1, =1.0.1, =1.0.2, =0.1.19, =0.4.0-rc.3, =1.0.0, =2.0.0 Source cves: CVE-2026-44479 Source advisory: OSV:GHSA-PGF8-2HGJ-GRQG...
NPM: Vercel: Non-interactive mode includes CLI arguments in suggested command output
NPM: Vercel: Non-interactive mode includes CLI arguments in suggested command output vulnerability discovered by ? in WordPress Npm vercel versions = 50.16.0, = 52.0.0...
@caliperai/caliper (>=0.2.0 <=0.3.0), @doccov/api (>=0.6.0 <=0.6.4) +12 more potentially affected by CVE-2026-44479 via vercel (>=50.41.0 <=51.8.0)
vercel NPM version =50.41.0, =0.2.0, =0.6.0, =0.3.0-rc.2, =3.10.3, =1.1.1, =1.0.1, =1.0.2, =0.1.19, =0.4.0-rc.3, =1.0.0, =2.0.0 Source cves: CVE-2026-44479 Source advisory: SNYK:JS-VERCEL-16638653...
GHSA-PGF8-2HGJ-GRQG Vercel: Non-interactive mode includes CLI arguments in suggested command output
Summary When the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included...
Insertion of Sensitive Information into Log File
Overview vercel is a The command-line interface for Vercel Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the suggested follow-up commands in --non-interactive mode or auto-detected AI agent when a command cannot complete autonomously. An...
Vercel: Non-interactive mode includes CLI arguments in suggested command output
Summary When the Vercel CLI runs in non-interactive mode --non-interactive or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included...
PT-2026-38406
Name of the Vulnerable Software and Affected Versions Vercel CLI versions 50.16.0 through 52.0.0 Description When running in non-interactive mode via the --non-interactive flag or auto-detected AI agent, commands that cannot complete autonomously emit JSON payloads containing suggested follow-up...
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra se...
Vercel Breach Linked to Context.ai, ShinyHunters Says It’s Not Involved
Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters...
⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push...
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence AI tool, that was used by an employee at the...
The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables
An OAuth supply chain compromise at Vercel exposed how trusted third party apps and platform environment variables can bypass traditional defenses and amplify blast radius. This article examines the attack chain, underlying design tradeoffs, and what it reveals about modern PaaS and software supp...
MAL-2026-2905 Malicious code in simple-auth-basic (npm)
simple-auth-basic is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8802844b712eedf88f3862f4e836efd3a767ee4944f6ec3b8c3fbe849fd741b The...
Malicious code in sjs-biginteger (npm)
sjs-biginteger typosquats big.js on npm. Published April 7, 2026 by throwaway account vanes.s.p.orit.a, the package ships legitimate big.js source and hides its payload in a dependency: sjs-lint-build1. On install, the dependency’s postinstall hook fetches the attacker’s SSH public key from a C2...
MAL-2026-2527 Malicious code in sjs-biginteger (npm)
sjs-biginteger typosquats big.js on npm. Published April 7, 2026 by throwaway account vanes.s.p.orit.a, the package ships legitimate big.js source and hides its payload in a dependency: sjs-lint-build1. On install, the dependency’s postinstall hook fetches the attacker’s SSH public key from a C2...
Malicious code in sjs-lint-build1 (npm)
sjs-biginteger typosquats big.js on npm. Published April 7, 2026 by throwaway account vanes.s.p.orit.a, the package ships legitimate big.js source and hides its payload in a dependency: sjs-lint-build1. On install, the dependency’s postinstall hook fetches the attacker’s SSH public key from a C2...