CVE-2025-7074

Medium CVSS: 5.3

A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the function expand/braceExpand/ignoreMap of the file hyper/bin/rimraf-standalone.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Vercel

Product

Hyper

CWE

CWE-400

Yayın Tarihi

2025-07-05 09:15:27

Güncelleme

2025-10-01 19:19:47

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-400 Hyper MEDIUM Vercel 2025

Referanslar

https://github.com/vercel/hyper/issues/8098 https://vuldb.com/?ctiid.314973 https://vuldb.com/?id.314973 https://vuldb.com/?submit.602353 https://github.com/vercel/hyper/issues/8098

Benzer Kayıtlar

Medium

CVE-2026-29057

Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 1…

Medium

CVE-2026-27979

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 1…

Medium

CVE-2026-27980

Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 1…

Medium

CVE-2026-27978

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 1…

Low

CVE-2026-27977

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 1…

Medium

CVE-2025-59472

A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in min…