CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs

CVE-2026-27977 | vercel next.js up to 16.1.6 /_next/webpack-hmr missing origin validation in websockets (GHSA-jcc7-9wpm-mj36)

VulDB Archived Mar 18, 2026 ! Full text unavailable

A vulnerability was found in vercel next.js up to 16.1.6 . It has been rated as problematic . The impacted element is an unknown function of the file /_next/webpack-hmr . Performing a manipulation results in missing origin validation in websockets. This vulnerability is known as CVE-2026-27977 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

Full text unavailable — view original
✦ AI Summary · Claude Sonnet


    Full text unavailable.
    Open original ↗
    💬 Team Notes
    Article Info
    Source
    VulDB
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Archived
    Mar 18, 2026
    Full Text
    ✗ Not available
    Open Original ↗