A vulnerability described as problematic has been identified in vercel next.js up to 16.1.6 . Affected by this issue is some unknown functionality. Such manipulation leads to resource consumption. This vulnerability is referenced as CVE-2026-27980 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.