SecurityVercel10 months ago

CVE-2025-55173

2 min read

A vulnerability in Next.js Image Optimization allowed attacker-controlled external image servers to trigger arbitrary file downloads. Versions before v15.4.5 and v14.2.31 are affected. Vercel deployments were patched on July 29, 2025. Self-hosted sites must upgrade to those versions.

Level

Hype check

Tap to vote and see what everyone thinks.

#next.js #security #vercel

Read full story

More to chew on!

AI36 minutes ago

Apple Issues AI Warning in iOS 26.5.2 Update

Summary by ByteBrief

More to chew on!

AI36 minutes ago

Apple Issues AI Warning in iOS 26.5.2 Update