CVE Vulnerability Database

CVE-2026-44576: Vercel Next.js Cache Poisoning Vulnerability

CVE-2026-44576 is a cache poisoning flaw in Vercel Next.js affecting React Server Components. Attackers can poison shared cache entries, causing visitors to receive component payloads instead of HTML. This article covers impact, technical details, affected versions, and mitigation strategies.

Published: May 17, 2026

CVE-2026-44576 Overview

CVE-2026-44576 is a cache poisoning vulnerability in Vercel Next.js affecting applications that use React Server Components (RSC). The flaw is present from version 14.2.0 up to, but not including, 15.5.16 on the 15.x line and 16.2.5 on the 16.x line. Shared caches sitting in front of a Next.js application can fail to partition the two response variants a route can return, rendered HTML and the RSC payload, into separate cache entries. An attacker can cause the RSC variant to be stored under the canonical URL's cache key, so later visitors receive the raw component payload instead of the expected HTML page. The issue is classified as [CWE-436] Interpretation Conflict and is resolved in Next.js 15.5.16 and 16.2.5.

Critical Impact

Unauthenticated attackers can poison shared CDN or proxy caches, causing subsequent users to receive React Server Component payloads in place of rendered HTML, breaking application integrity and availability.

Affected Products

  • Vercel Next.js versions 14.2.0 through 15.5.15
  • Vercel Next.js 16.0.0 through 16.2.4
  • Deployments behind shared caches (CDNs, reverse proxies) serving RSC-enabled routes

Discovery Timeline

  • 2026-05-13 - CVE-2026-44576 published to NVD
  • 2026-05-14 - Last updated in NVD database

Technical Details for CVE-2026-44576

Vulnerability Analysis

Next.js serves two response variants for the same URL when React Server Components are enabled. Standard browser navigations return rendered HTML, while client-side navigations request RSC payloads using a distinguishing header such as RSC: 1. Shared caches positioned in front of the application must partition these variants using the Vary header or equivalent cache key logic.

When partitioning is incomplete, a single cache entry stores whichever variant was retrieved first. An attacker can force the RSC variant into the cache slot associated with the canonical URL. Every subsequent visitor requesting the page then receives the cached RSC payload instead of HTML, which the browser cannot render as a page, and the condition persists until the entry expires or is purged.

The vulnerability is network-reachable and requires no authentication or user interaction. Successful exploitation impacts integrity and availability, but does not disclose credentials or grant code execution on the server.

Root Cause

The root cause is an interpretation conflict [CWE-436] between Next.js and downstream shared caches. Next.js returns different responses for the same URL depending on request headers, but did not consistently signal the caching layer, through the Vary header or an equivalent mechanism, to key entries on those headers. The cache therefore treats the two responses as interchangeable, and whichever arrives first is served for both.

Attack Vector

An attacker sends a crafted request to a publicly cached route with headers that elicit an RSC response. If the cache stores the response under the canonical URL key without variant partitioning, the poisoned entry is served to all subsequent users requesting that URL. Refer to the GitHub Security Advisory GHSA-wfc6-r584-vfw7 for the upstream technical description.
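The following is an added example, not code from Next.js or from the advisory, that models the interplay described in the Vulnerability Analysis, Root Cause and Attack Vector sections above. A constructed origin returns HTML or an RSC payload for one URL depending on the RSC request header; a constructed shared cache sits in front of it. Two switches reproduce the two halves of the interpretation conflict: emitVary=false models an origin that never tells the cache which headers selected the variant, and honorVary=false models a cache whose key is the URL alone. The route, payloads and the Next-Router-* header names are illustrative assumptions.

```javascript
// Added example (not Next.js code): models the interpretation conflict between an
// RSC-capable origin and a shared cache. Every name, header value and payload here
// is a constructed assumption chosen to illustrate the mechanism.

// Request headers that select the RSC variant. "RSC" is the one the advisory text
// describes; the Next-Router-* names are assumed for illustration only.
const VARIANT_HEADERS = ['rsc', 'next-router-state-tree', 'next-router-prefetch'];

// Constructed origin. emitVary=false models an origin that returns two variants for
// one URL but never tells the cache which request headers picked the variant.
function origin(req, { emitVary }) {
  const isRsc = req.headers.rsc === '1';
  const headers = {
    'content-type': isRsc ? 'text/x-component' : 'text/html; charset=utf-8',
    'cache-control': 'public, s-maxage=60',
  };
  if (emitVary) headers.vary = VARIANT_HEADERS.join(', ');
  return {
    status: 200,
    headers,
    // Constructed bodies: one RSC "flight" row versus a rendered document.
    body: isRsc
      ? '0:["$","div",null,{"children":"hello"}]\n'
      : '<!doctype html><html><body><div>hello</div></body></html>',
  };
}

// Constructed shared cache. honorVary=false models a CDN or proxy whose cache key
// is the URL alone, so Vary is ignored even when the origin sends it.
class SharedCache {
  constructor({ honorVary, emitVary }) {
    this.honorVary = honorVary;
    this.emitVary = emitVary;
    this.varyByUrl = new Map(); // url -> Vary value learned from the origin
    this.entries = new Map();   // cache key -> stored response
  }

  // Secondary key: URL plus the value of every header named in Vary, sorted so
  // that header order in the request cannot create duplicate entries.
  keyFor(req) {
    const vary = this.honorVary ? this.varyByUrl.get(req.url) : undefined;
    if (!vary) return req.url;
    const selector = vary.split(',')
      .map(h => h.trim().toLowerCase()).sort()
      .map(h => `${h}=${req.headers[h] ?? ''}`).join('&');
    return `${req.url}|${selector}`;
  }

  fetch(req) {
    const hit = this.entries.get(this.keyFor(req));
    if (hit) return { ...hit, fromCache: true };
    const res = origin(req, { emitVary: this.emitVary });
    if (this.honorVary && res.headers.vary) this.varyByUrl.set(req.url, res.headers.vary);
    this.entries.set(this.keyFor(req), res); // key recomputed now that Vary is known
    return { ...res, fromCache: false };
  }
}

// Attacker primes the cache with an RSC request; a victim browser then asks for HTML.
function simulate({ emitVary, honorVary }) {
  const cache = new SharedCache({ honorVary, emitVary });
  cache.fetch({ url: '/dashboard', headers: { rsc: '1' } });
  const victim = cache.fetch({ url: '/dashboard', headers: {} });
  return {
    contentType: victim.headers['content-type'],
    fromCache: victim.fromCache,
    poisoned: victim.headers['content-type'].startsWith('text/x-component'),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const scenario of [
    { emitVary: true, honorVary: true },  // patched origin and a cache that keys on Vary
    { emitVary: false, honorVary: true }, // origin omits Vary: the CVE's root cause
    { emitVary: true, honorVary: false }, // cache keys on URL only
  ]) console.log(scenario, simulate(scenario));
}
```

Only the first scenario serves HTML to the victim; the other two return the attacker-primed RSC payload from cache. The point for defenders is that either side can break the partitioning, which is why the fix has to land in Next.js (emit the signal consistently) and the cache-key audit under Mitigation is still worth doing (honor the signal).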

Detection Methods for CVE-2026-44576

Indicators of Compromise

  • Cached responses for HTML routes that contain RSC payload markers, such as serialized component data on lines that begin with a numeric row identifier followed by a colon (0:, 1:, and so on)
  • Spikes in client-side errors where browsers receive text/x-component content where text/html is expected
  • Anomalous requests carrying the RSC: 1 header against routes that are publicly cached

Detection Strategies

  • Inventory Next.js deployments and confirm versions against the fixed releases 15.5.16 and 16.2.5
  • Inspect CDN and reverse proxy configurations for missing Vary directives on routes serving RSC content
  • Review web access logs for requests that toggle between HTML and RSC variants against the same cache key

Monitoring Recommendations

  • Alert on responses served from shared caches with Content-Type: text/x-component for routes expected to return HTML
  • Monitor user-reported rendering failures and correlate with cache hit ratios on RSC-enabled paths
  • Track upstream advisories from Vercel for follow-on guidance on cache header handling
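The following is an added example, not a Vercel or SentinelOne tool, that turns the first two indicators and the log-review strategy above into a check that runs over edge access logs. The log layout is a constructed JSON-lines format with the field names assumed below (time, path, req_rsc, content_type, cache); map your CDN's own field names onto it. The signature it looks for is a request that did not send RSC: 1 yet was answered from cache with text/x-component, and for each such route it reports the RSC-variant cache fill that most likely primed the entry.

```javascript
// Added example (not a Vercel or Next.js tool): scans constructed CDN access-log
// records for the CVE-2026-44576 poisoning signature. Field names are assumptions.

// Constructed sample: one JSON object per request as the edge saw it. "req_rsc" is
// the value of the RSC request header ("" when absent); "cache" is the edge status.
const SAMPLE_LOG = `
{"time":"2026-05-14T10:00:01Z","path":"/pricing","req_rsc":"1","status":200,"content_type":"text/x-component","cache":"MISS"}
{"time":"2026-05-14T10:00:02Z","path":"/pricing","req_rsc":"","status":200,"content_type":"text/x-component","cache":"HIT"}
{"time":"2026-05-14T10:00:03Z","path":"/pricing","req_rsc":"","status":200,"content_type":"text/x-component","cache":"HIT"}
{"time":"2026-05-14T10:00:04Z","path":"/about","req_rsc":"","status":200,"content_type":"text/html; charset=utf-8","cache":"HIT"}
{"time":"2026-05-14T10:00:05Z","path":"/about","req_rsc":"1","status":200,"content_type":"text/x-component","cache":"MISS"}
{"time":"2026-05-14T10:00:06Z","path":"/about","req_rsc":"","status":200,"content_type":"text/html; charset=utf-8","cache":"HIT"}
`.trim();

function parseLog(text) {
  return text.split('\n').filter(Boolean).map(line => JSON.parse(line));
}

// The signature: a request that did NOT send RSC: 1 was answered with
// text/x-component. A cache HIT makes it a poisoned entry rather than a one-off
// origin quirk. For each such path, also record the most recent RSC-variant MISS
// that preceded the first bad HIT: that is the request which most likely primed it.
function findPoisonedRoutes(records) {
  const lastRscFill = new Map(); // path -> time of the latest RSC-variant cache fill
  const findings = new Map();    // path -> { mismatchedHits, suspectedPoisonAt, firstBadHit }
  for (const r of records) {
    const wantsRsc = r.req_rsc === '1';
    const gotRsc = String(r.content_type).startsWith('text/x-component');
    if (wantsRsc && gotRsc && r.cache === 'MISS') lastRscFill.set(r.path, r.time);
    if (!wantsRsc && gotRsc && r.cache === 'HIT') {
      const f = findings.get(r.path) ?? {
        mismatchedHits: 0,
        suspectedPoisonAt: lastRscFill.get(r.path) ?? null,
        firstBadHit: r.time,
      };
      f.mismatchedHits += 1;
      findings.set(r.path, f);
    }
  }
  return findings;
}

function analyzeLog(text) {
  return findPoisonedRoutes(parseLog(text));
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const [path, f] of analyzeLog(SAMPLE_LOG)) {
    console.log(`${path}: ${f.mismatchedHits} poisoned HIT(s), first at ${f.firstBadHit},` +
      ` likely primed by RSC fill at ${f.suspectedPoisonAt}`);
  }
}
```

On the sample, /pricing is flagged (two browser navigations served the RSC payload from cache, primed by the RSC: 1 miss one second earlier) while /about is not, because its RSC request and its HTML requests were kept apart. The third indicator above, anomalous RSC: 1 requests against public routes, needs a per-route baseline of normal client-navigation volume and is deliberately not encoded here.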

How to Mitigate CVE-2026-44576

Immediate Actions Required

  • Upgrade Next.js to 15.5.16 or 16.2.5 as the primary remediation
  • Purge shared cache entries for all RSC-enabled routes after upgrading to remove any poisoned payloads
  • Audit CDN cache key configurations to ensure RSC-distinguishing headers are included in cache partitioning

Patch Information

Vercel addressed CVE-2026-44576 in Next.js 15.5.16 and 16.2.5. Patched versions correct the response signaling so shared caches partition HTML and RSC variants under separate keys. Patch details are published in the Vercel security advisory GHSA-wfc6-r584-vfw7.

Workarounds

  • Configure the CDN or reverse proxy to include RSC and related request headers in the cache key for affected routes
  • Disable shared caching for RSC-enabled routes until the upgrade is deployed
  • Set explicit Cache-Control: private headers on dynamic routes that should not be stored in shared caches
```bash
# Upgrade Next.js to a fixed release
npm install next@15.5.16
# or, for the 16.x branch
npm install next@16.2.5
# confirm the resolved version in the lockfile
npm ls next
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Vulnerability Details
  • Type: Other
  • Vendor/Tech: Next.js
  • Severity: MEDIUM
  • CVSS Score: 5.4
  • EPSS Probability: 0.01%
  • Known Exploited: No
  • CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

Impact Assessment (per the CVSS vector)
  • Confidentiality: None
  • Integrity: Low
  • Availability: Low

CWE References
  • CWE-436

Vendor Resources
  • GitHub Security Advisory GHSA-wfc6-r584-vfw7

Related CVEs
  • CVE-2026-44582: Next.js Cache Poisoning Vulnerability
  • CVE-2025-55173: Vercel Next.js Content Injection Vulnerability
  • CVE-2022-23646: Vercel Next.js UI Misrepresentation Flaw
  • CVE-2021-37699: Vercel Next.js Open Redirect Vulnerability
©2026 SentinelOne, All Rights Reserved.