CVE-2026-44580 | vercel next.js up to 15.5.15/16.2.4 cross site scripting (GHSA-gx5p-jg67-6x7h)

A vulnerability was found in vercel next.js up to 15.5.15/16.2.4 and classified as problematic. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-44580. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More