RepoJournal
Vercel

@vercel

Next.js + the Vercel platform — frontend infrastructure for the web

VERCEL AI HARDENS AGAINST SSRF AND SOCKET LEAKS, NEXT.JS CACHE LAYER GETS DEV PERSISTENCE

By RepoJournal · Filed · About Vercel

Vercel AI shipped critical fixes to block three classes of SSRF bypasses in download validation, while Next.js dev server now persists private cache entries across reloads.

The AI SDK's `downloadBlob`, `download`, and MCP client functions had multiple security gaps in their URL validation and socket handling that have been patched [1][2]. The SSRF guard now blocks hostname tricks and redirect bypasses, and rejected downloads properly cancel their response bodies to prevent TCP socket leaks that could pile up under sustained load [2]. On the MCP side, once a client receives its first valid SSE endpoint, that URL stays locked in and later endpoint events are ignored, preventing a malicious event from hijacking subsequent tool calls [3]. Meanwhile, Next.js dev server improvements make cache behavior more realistic: private `'use cache'` entries now persist in a built-in in-memory handler so warm reloads stay fast [4], and stale cache entries serve until actual expiration rather than dropping at revalidate time [5]. The Vercel CLI got two wins for integration discovery: `vercel integration discover --category <slug>` filters the marketplace, and a new `vercel integration categories` subcommand lists valid slugs [7]. Node framework preset detection now works without package.json, defaulting to ESM format for a bare `server.ts` [6].
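An added example (not code from the AI SDK or from this page) of the two download behaviours described above: re-validating the URL on every redirect hop, and cancelling the unread response body before a rejection. The names `isBlockedHost`, `validateUrl`, `guardedDownload` and `fetchImpl` are hypothetical, and the sketch assumes Node's `fetch`, which returns the 3xx response itself when `redirect` is `'manual'`.

```javascript
// Added example. isBlockedHost, validateUrl, guardedDownload and fetchImpl are
// hypothetical names, not AI SDK APIs. The range list is illustrative, not
// exhaustive, and names that resolve to internal addresses via DNS are out of scope.
const REDIRECTS = new Set([301, 302, 303, 307, 308]);

function isBlockedHost(hostname) {
  const h = hostname.toLowerCase().replace(/\.$/, '');
  if (h === 'localhost' || h.endsWith('.localhost')) return true;
  if (h.startsWith('[')) return true; // deny every IPv6 literal in this sketch
  // new URL() has already rewritten hex/octal/integer IPv4 spellings to dotted decimal.
  const m = /^(\d+)\.(\d+)\.\d+\.\d+$/.exec(h);
  if (!m) return false; // not an IPv4 literal (e.g. "10.example.com")
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

function validateUrl(raw) {
  const url = new URL(raw);
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    throw new Error(`blocked scheme ${url.protocol}`);
  }
  if (isBlockedHost(url.hostname)) throw new Error(`blocked host ${url.hostname}`);
  return url;
}

async function guardedDownload(raw, { fetchImpl = fetch, maxRedirects = 3 } = {}) {
  let url = validateUrl(raw);
  for (let hop = 0; hop <= maxRedirects; hop++) {
    // Follow redirects by hand so each Location value passes the same guard.
    const res = await fetchImpl(url, { redirect: 'manual' });
    if (!REDIRECTS.has(res.status)) return res;
    const location = res.headers.get('location');
    // Cancel the unread body so the socket is released even if the next hop is rejected.
    if (res.body) await res.body.cancel();
    if (!location) throw new Error('redirect without Location header');
    url = validateUrl(new URL(location, url)); // re-validate every hop
  }
  throw new Error('too many redirects');
}
```

Passing a stub as `fetchImpl` lets the redirect and cancellation paths be exercised without network access.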

References

  [1] fix(provider-utils,ai): harden download SSRF guard against hostname and redirect bypasses (#15980), vercel/ai
  [2] fix(provider-utils): cancel response body on download rejection to prevent socket leak, vercel/ai
  [3] fix(mcp): lock first sse endpoint received via event, vercel/ai
  [4] Persist `'use cache: private'` entries in dev (#94694), vercel/next.js
  [5] Serve stale `'use cache'` entries in the dev server until they expire, vercel/next.js
  [6] Support Node framework preset without a package.json (#16614), vercel/vercel
  [7] [cli] Add --category filter + integration categories subcommand (#16576), vercel/vercel

FAQ

What changed in Vercel on June 12, 2026?
Vercel AI shipped critical fixes to block three classes of SSRF bypasses in download validation, while Next.js dev server now persists private cache entries across reloads.

What should Vercel teams do about it?

  • Update @vercel/ai to latest patch immediately if you use downloadBlob or MCP clients with untrusted URLs
  • Review your next dev cache patterns; private cache now persists by default in development
  • If you're using custom OpenAPI specs, upgrade to latest vercel CLI to use --spec-url flag

Which Vercel repositories shipped on June 12, 2026?
vercel/ai, vercel/next.js, vercel/vercel
