CVE-2026-8768

HIGH

vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery

Title source: cna

Description

A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (6)

Core 6

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-364393 | vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery

https://vuldb.com/vuln/364393

Signature, Permissions Required signature permissions-required

VDB-364393 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/364393/cti

Third Party Advisory third-party-advisory

Submit #811404 | vercel ai @ai-sdk/[email protected] Server-Side Request Forgery (SSRF) (CWE-918)

https://vuldb.com/submit/811404

Third Party Advisory third-party-advisory

Submit #811405 | vercel ai @ai-sdk/[email protected] Server-Side Request Forgery (SSRF) (CWE-918) (Duplicate)

https://vuldb.com/submit/811405

Exploit exploit

https://gist.github.com/YLChen-007/cf7e47e4dda392f474ca77a66d1d847f

Scores

CVSS v3 7.3

EPSS 0.0039

EPSS Percentile 30.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (50)

vercel/ai < 3.0.97

vercel/ai 3.0.0

vercel/ai 3.0.1

vercel/ai 3.0.10

vercel/ai 3.0.11

vercel/ai 3.0.12

vercel/ai 3.0.13

vercel/ai 3.0.14

vercel/ai 3.0.15

vercel/ai 3.0.16

... and 40 more

Published May 17, 2026

Tracked Since May 18, 2026