A vulnerability has been found in vercel next.js up to 15.5.15/16.2.4 and classified as problematic . This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-44581 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.