GHSA-pgf8-2hgj-grqg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-pgf8-2hgj-grqg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-pgf8-2hgj-grqg/GHSA-pgf8-2hgj-grqg.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-pgf8-2hgj-grqg
- Aliases
-
- CVE-2026-44479
- Published
- 2026-05-07T00:05:20Z
- Modified
- 2026-05-07T00:18:42.551802Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Vercel: Non-interactive mode includes CLI arguments in suggested command output
- Details
-
Summary
When the Vercel CLI runs in non-interactive mode (
--non-interactiveor auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via--tokenor-ton the command line, the token value is included verbatim in those suggestions.Conditions
All three must be true for the token to appear in output:
- Token passed as a CLI argument (
--token/-t). TheVERCEL_TOKENenvironment variable is not affected. - Non-interactive mode is active (explicit flag or AI agent auto-detection).
- The command cannot complete on its own (e.g. missing
--yes, ambiguous scope, API errors). Successful commands produce no suggestion output.
Impact
The plaintext token may be captured in CI/CD logs, agent transcripts, or other automation output.
Remediation
- Upgrade to the patched version.
- If developers have previously used
--tokenwith--non-interactivein their applications, review logs for exposed tokens and rotate them. - Prefer
VERCEL_TOKENenvironment variable for authentication.
- Token passed as a CLI argument (
- Database specific
{ "github_reviewed": true, "cwe_ids": [ "CWE-200", "CWE-532" ], "severity": "MODERATE", "github_reviewed_at": "2026-05-07T00:05:20Z", "nvd_published_at": null }- References
Affected packages
npm / vercel
Package
- Name
- vercel
- View open source insights on deps.dev
- Purl
- pkg:npm/vercel