Tag
Vulnerability CVE-2026-8768 describes a server-side request forgery (SSRF) flaw in the validateDownloadUrl function of the provider-utils component in Vercel AI versions up to 3.0.97, enabling remote attackers to potentially make internal requests.