CVE-2026-8767: vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection
A vulnerability has been found in vercel ai up to 3.0.97. Affected is the run step of the file .github/workflows/prettier-on-automerge.yml, in the component PR Branch Name Interpolation: the pull request's branch name, which is chosen by whoever opens the pull request, is interpolated into the shell script of that step, so a branch name containing shell metacharacters is executed as part of the script. The manipulation leads to OS command injection. The attack can be initiated remotely, but its complexity is rated high and exploitation is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Frequently Asked Questions
What is the severity of CVE-2026-8767?
CVE-2026-8767 has a significant severity because it allows remote OS command injection: a crafted pull request branch name runs attacker-chosen commands on the CI runner that executes the workflow, with whatever permissions and secrets that job is granted. The attack complexity is rated high, which lowers the practical exploitability.
How do I fix CVE-2026-8767?
To fix CVE-2026-8767, update the vercel ai package to version 3.0.98 or later. Because the flaw is in a GitHub Actions workflow inside the repository rather than in code shipped with the package, the exposure is the project's own CI pipeline and what it can publish, not applications that import the library at runtime. Maintainers of other repositories that use the same pattern should stop placing ${{ }} expressions inside run: scripts and pass the value through an env: entry instead, so the shell receives it as data rather than as code.
What versions are affected by CVE-2026-8767?
CVE-2026-8767 affects vercel ai versions up to and including 3.0.97.
What specific component is vulnerable in CVE-2026-8767?
The vulnerability in CVE-2026-8767 resides in the run step of the workflow file .github/workflows/prettier-on-automerge.yml, where the pull request branch name is interpolated into the shell script that step executes.
What type of vulnerability is CVE-2026-8767?
CVE-2026-8767 is an OS command injection vulnerability: the pull request branch name is interpolated into a workflow run step, so shell metacharacters in the branch name are interpreted as commands by the runner's shell.
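The following is an added example and is not code from the vercel ai repository or from the prettier-on-automerge.yml workflow itself. It illustrates the pattern named in the description and in the FAQ answers above: a constructed workflow with a run step that interpolates the PR branch name directly (unsafe) next to a step that passes the same value through env: (hardened), a small emulation of why the unsafe form executes the branch name, and a check that flags run steps interpolating PR-controlled contexts. The trigger, job and step names, the sample branch name and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the vercel ai repository or its workflow.
# The trigger, job and step names below are assumptions for illustration.

# Constructed sample workflow: one unsafe step and one hardened step.
SAMPLE_WORKFLOW='name: prettier-on-automerge (constructed sample)
on:
  pull_request_target:          # assumed trigger; the real workflow may differ
    types: [auto_merge_enabled]
jobs:
  prettier:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # UNSAFE: the runner expands ${{ }} textually before the shell starts,
      # so the branch name is spliced into the script as code, not data.
      - name: Check out PR branch (unsafe)
        run: git checkout "${{ github.event.pull_request.head.ref }}"
      # HARDENED: the value reaches the shell as an environment variable and
      # is only ever expanded by the shell, quoted, as data.
      - name: Check out PR branch (hardened)
        env:
          PR_BRANCH: ${{ github.event.pull_request.head.ref }}
        run: git checkout "$PR_BRANCH"
'

# Reads a workflow on stdin; prints "LINE: text" for every line of a run:
# step that interpolates a PR-author-controlled context with ${{ }}.
find_unsafe_run_interpolation() {
  awk '
    BEGIN {
      tainted = "[$][{][{][^}]*github[.](head_ref|event[.](pull_request[.](head[.](ref|label)|title|body)|issue[.](title|body)|comment[.]body|head_commit[.]message))"
    }
    /^[ \t]*(-[ \t]+)?run:/ {              # start of a run: step
      in_run = 1; run_col = index($0, "run:")
      if ($0 ~ tainted) print NR ": " $0
      next
    }
    in_run && NF > 0 {                      # inside a block-scalar run: |
      if (match($0, /[^ \t]/) <= run_col) { in_run = 0; next }
      if ($0 ~ tainted) print NR ": " $0
    }
  '
}

unsafe_run_count() {  # $1 = workflow text; prints the number of flagged lines
  printf '%s\n' "$1" | find_unsafe_run_interpolation | awk 'END { print NR }'
}

# Emulation of the two steps above. The Actions runner substitutes ${{ }}
# textually, which expand_expressions mimics; the hardened step only sets an
# environment variable. sh -c approximates the runner's shell (bash on Linux).
MARKER='${{ github.event.pull_request.head.ref }}'
UNSAFE_RUN='echo "checkout ${{ github.event.pull_request.head.ref }}"'
SAFE_RUN='echo "checkout $PR_BRANCH"'
# Constructed malicious branch name. Git ref names cannot contain spaces, so
# payloads separate words with ${IFS}; this one only echoes a marker.
PAYLOAD_BRANCH='feat";echo${IFS}INJECTED;#'

expand_expressions() {  # $1 = script template, $2 = branch name
  awk -v t="$1" -v m="$MARKER" -v v="$2" 'BEGIN {
    i = index(t, m)
    if (i) t = substr(t, 1, i - 1) v substr(t, i + length(m))
    print t
  }'
}

render_unsafe() {  # $1 = branch name; prints what the unsafe step outputs
  sh -c "$(expand_expressions "$UNSAFE_RUN" "$1")"
}

render_safe() {    # $1 = branch name; prints what the hardened step outputs
  PR_BRANCH="$1" sh -c "$SAFE_RUN"
}

# Stand-alone demo: the scanner flags only the unsafe step, the unsafe step
# prints INJECTED on its own line, the hardened step prints the name verbatim.
echo "flagged lines:"
printf '%s\n' "$SAMPLE_WORKFLOW" | find_unsafe_run_interpolation
echo "unsafe step output:";   render_unsafe "$PAYLOAD_BRANCH"
echo "hardened step output:"; render_safe "$PAYLOAD_BRANCH"
```

The scanner is deliberately narrow (a fixed list of PR-author-controlled contexts, and only inside run: steps); it is a triage aid for your own repositories, not a substitute for reviewing every ${{ }} that reaches a shell, a script argument or an action input that itself runs a shell.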