Vercel Next
2 CVEs affecting Vercel Next. Latest disclosed: 2026-01-26. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-59472 | Medium | 5.9 | 2026-01-26 | A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR resume endpoint acce… |
CVE-2025-59471 | Medium | 5.9 | 2026-01-26 | A denial of service vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. The image optimizat… |