CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-29057

mediumcovered by 1 sourcefirst seen 2026-07-02
A remote, anonymous attacker can exploit multiple vulnerabilities in Vercel Next.js to carry out a denial of service attack or bypass security measures.

CSIRTS triage

What
Multiple vulnerabilities can be exploited by a remote attacker to carry out denial of service attacks or bypass security measures.
Who is affected
Deployments of Vercel Next.js are affected by these vulnerabilities.
Urgency
Remediation is medium urgency due to the potential impact of the vulnerabilities.
Action
Update to the latest version of Vercel Next.js to address these issues.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-29057

Get an email if CVE-2026-29057 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-29057

CVE.org record

Embed the live status

CVE-2026-29057 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-29057 status](https://www.csirts.com/badge/CVE-2026-29057)](https://www.csirts.com/cve/CVE-2026-29057)