CVE-2026-8767

Summary

A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
vercelai3.0.0affected
vercelai3.0.1affected
vercelai3.0.2affected
vercelai3.0.3affected
vercelai3.0.4affected
vercelai3.0.5affected
vercelai3.0.6affected
vercelai3.0.7affected
vercelai3.0.8affected
vercelai3.0.9affected
vercelai3.0.10affected
vercelai3.0.11affected
vercelai3.0.12affected
vercelai3.0.13affected
vercelai3.0.14affected
vercelai3.0.15affected
vercelai3.0.16affected
vercelai3.0.17affected
vercelai3.0.18affected
vercelai3.0.19affected
vercelai3.0.20affected
vercelai3.0.21affected
vercelai3.0.22affected
vercelai3.0.23affected
vercelai3.0.24affected
vercelai3.0.25affected
vercelai3.0.26affected
vercelai3.0.27affected
vercelai3.0.28affected
vercelai3.0.29affected
vercelai3.0.30affected
vercelai3.0.31affected
vercelai3.0.32affected
vercelai3.0.33affected
vercelai3.0.34affected
vercelai3.0.35affected
vercelai3.0.36affected
vercelai3.0.37affected
vercelai3.0.38affected
vercelai3.0.39affected
vercelai3.0.40affected
vercelai3.0.41affected
vercelai3.0.42affected
vercelai3.0.43affected
vercelai3.0.44affected
vercelai3.0.45affected
vercelai3.0.46affected
vercelai3.0.47affected
vercelai3.0.48affected
vercelai3.0.49affected
vercelai3.0.50affected
vercelai3.0.51affected
vercelai3.0.52affected
vercelai3.0.53affected
vercelai3.0.54affected
vercelai3.0.55affected
vercelai3.0.56affected
vercelai3.0.57affected
vercelai3.0.58affected
vercelai3.0.59affected
vercelai3.0.60affected
vercelai3.0.61affected
vercelai3.0.62affected
vercelai3.0.63affected
vercelai3.0.64affected
vercelai3.0.65affected
vercelai3.0.66affected
vercelai3.0.67affected
vercelai3.0.68affected
vercelai3.0.69affected
vercelai3.0.70affected
vercelai3.0.71affected
vercelai3.0.72affected
vercelai3.0.73affected
vercelai3.0.74affected
vercelai3.0.75affected
vercelai3.0.76affected
vercelai3.0.77affected
vercelai3.0.78affected
vercelai3.0.79affected
vercelai3.0.80affected
vercelai3.0.81affected
vercelai3.0.82affected
vercelai3.0.83affected
vercelai3.0.84affected
vercelai3.0.85affected
vercelai3.0.86affected
vercelai3.0.87affected
vercelai3.0.88affected
vercelai3.0.89affected
vercelai3.0.90affected
vercelai3.0.91affected
vercelai3.0.92affected
vercelai3.0.93affected
vercelai3.0.94affected
vercelai3.0.95affected
vercelai3.0.96affected
vercelai3.0.97affected

Weaknesses

  • CWE-78: OS Command Injection
  • CWE-77: Command Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References