CVE-2026-44577 Overview
CVE-2026-44577 affects Vercel Next.js, a React framework used to build full-stack web applications. The vulnerability resides in the Image Optimization API when Next.js is self-hosted with the default image loader. The API fetches local images entirely into memory without enforcing a maximum size limit. Attackers can trigger out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration. By default, all patterns are allowed, expanding the attack surface. The flaw affects versions 10.0.0 through 15.5.15 and 16.0.0 through 16.2.4, and is fixed in 15.5.16 and 16.2.5.
Critical Impact
Unauthenticated remote attackers can exhaust server memory and cause denial of service against self-hosted Next.js applications.
Affected Products
- Vercel Next.js versions 10.0.0 to before 15.5.16
- Vercel Next.js versions 16.0.0 to before 16.2.5
- Self-hosted Next.js deployments using the default image loader
Discovery Timeline
- 2026-05-13 - CVE-2026-44577 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-44577
Vulnerability Analysis
The vulnerability is classified under CWE-770 (Allocation of Resources Without Limits or Throttling). The Image Optimization API in Next.js reads local image files into memory before processing. The default loader does not validate or cap the size of the source asset prior to loading it. When an attacker requests an oversized file through the /_next/image endpoint, the runtime allocates memory proportional to the file size. Repeated or concurrent requests amplify memory pressure on the Node.js process. This leads to process termination or host-level resource starvation on self-hosted deployments.
Root Cause
The root cause is missing input size validation in the local image fetch path. The images.localPatterns configuration governs which local paths the API will serve, but the default value permits all patterns. Combined with the absence of a maximum byte limit, any matching local file becomes a denial-of-service primitive. The API trusts that local assets are appropriately sized and skips bounded read logic.
Attack Vector
The attack vector is network-based and requires no authentication or user interaction. An attacker sends crafted HTTP requests to the /_next/image endpoint referencing large local files reachable through the default localPatterns allowlist. Each request forces the Next.js server to load the entire file into memory. Concurrent requests compound the memory consumption until the Node.js process exhausts available heap or the host runs out of memory.
No verified public exploit code is available. See the GitHub Security Advisory GHSA-h64f-5h5j-jqjh for additional technical context.
Detection Methods for CVE-2026-44577
Indicators of Compromise
- Unusual volume of HTTP requests to the /_next/image endpoint from a single or distributed source
- Repeated requests referencing the same large local asset path via the url query parameter
- Node.js process crashes with out-of-memory errors or heap allocation failures on Next.js servers
Detection Strategies
- Inspect web server and reverse proxy logs for high-frequency requests to /_next/image with abnormally large response sizes or timeouts
- Correlate spikes in Node.js heap usage with inbound traffic patterns targeting the image optimization endpoint
- Alert on Next.js worker restarts, container OOMKilled events, or sudden memory consumption above baseline
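A log-side implementation of the first two strategies, added here as an example and not taken from the advisory or from Next.js. It parses constructed nginx combined-format lines (IPs, paths and thresholds are illustrative assumptions) and flags clients that repeatedly request the same url= through /_next/image with large or timed-out responses.

```javascript
// Added example, not from the advisory or from Next.js: flag clients that
// hammer /_next/image with the same local asset. Log lines below are
// constructed nginx "combined" entries; IPs and paths are illustrative.
const SAMPLE_LOG = [
  '203.0.113.7 - - [13/May/2026:10:00:01 +0000] "GET /_next/image?url=%2Fassets%2Fbig.png&w=3840&q=75 HTTP/1.1" 200 52428800 "-" "curl/8.0"',
  '203.0.113.7 - - [13/May/2026:10:00:01 +0000] "GET /_next/image?url=%2Fassets%2Fbig.png&w=3840&q=75 HTTP/1.1" 200 52428800 "-" "curl/8.0"',
  '203.0.113.7 - - [13/May/2026:10:00:02 +0000] "GET /_next/image?url=%2Fassets%2Fbig.png&w=3840&q=75 HTTP/1.1" 200 52428800 "-" "curl/8.0"',
  '203.0.113.7 - - [13/May/2026:10:00:02 +0000] "GET /_next/image?url=%2Fassets%2Fbig.png&w=3840&q=75 HTTP/1.1" 504 - "-" "curl/8.0"',
  '203.0.113.7 - - [13/May/2026:10:00:03 +0000] "GET /_next/image?url=%2Fassets%2Fbig.png&w=3840&q=75 HTTP/1.1" 504 - "-" "curl/8.0"',
  '198.51.100.2 - - [13/May/2026:10:00:03 +0000] "GET /_next/image?url=%2Fassets%2Flogo.png&w=64&q=75 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
  '198.51.100.2 - - [13/May/2026:10:00:04 +0000] "GET /about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
].join('\n');
// Client, method, request target, status and bytes from a combined-format line.
const LOG_RE = /^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)/;

// Returns null for lines that are not /_next/image requests.
function parseImageRequest(line) {
  const m = LOG_RE.exec(line);
  if (!m) return null;
  const [, ip, , target, status, bytes] = m;
  let u;
  try { u = new URL(target, 'http://localhost'); } catch (e) { return null; }
  if (u.pathname !== '/_next/image') return null;
  return { ip, status: Number(status), bytes: bytes === '-' ? 0 : Number(bytes), url: u.searchParams.get('url') };
}

// Per-client aggregation: many requests, the same url= repeated, and large or
// timed-out (504) responses together match the pattern the advisory describes.
function findSuspiciousClients(logText, opts = {}) {
  const { minRequests = 5, minRepeat = 3, largeBytes = 10 * 1024 * 1024 } = opts;
  const perIp = new Map();
  for (const line of logText.split('\n')) {
    const r = parseImageRequest(line);
    if (!r) continue;
    const s = perIp.get(r.ip) || { count: 0, byUrl: new Map(), heavy: 0 };
    s.count += 1;
    s.byUrl.set(r.url, (s.byUrl.get(r.url) || 0) + 1);
    if (r.bytes >= largeBytes || r.status === 504) s.heavy += 1;
    perIp.set(r.ip, s);
  }
  const hits = [];
  for (const [ip, s] of perIp) {
    const repeated = [...s.byUrl].filter(([, n]) => n >= minRepeat).map(([url]) => url);
    if (s.count >= minRequests && (repeated.length > 0 || s.heavy > 0)) {
      hits.push({ ip, count: s.count, repeated, heavy: s.heavy });
    }
  }
  return hits;
}
```

In production the same aggregation should run over a sliding time window so the request rate, not just the total, drives the alert.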
Monitoring Recommendations
- Track process-level memory metrics for Next.js servers and set thresholds for sustained high heap utilization
- Enable rate-limiting telemetry at the reverse proxy or WAF layer for /_next/image traffic
- Forward Node.js application logs and host resource metrics to a centralized analytics platform for anomaly detection
How to Mitigate CVE-2026-44577
Immediate Actions Required
- Upgrade Next.js to version 15.5.16 or 16.2.5 on all self-hosted deployments
- Inventory all Next.js applications and identify those using the default image loader
- Restrict the images.localPatterns configuration to an explicit allowlist of expected assets
Patch Information
Vercel fixed the vulnerability in Next.js 15.5.16 and 16.2.5. The patches enforce a maximum size limit when the Image Optimization API loads local images. Refer to the Vercel Next.js security advisory GHSA-h64f-5h5j-jqjh for upgrade details.
Workarounds
- Configure images.localPatterns in next.config.js to a narrow allowlist that excludes large or sensitive files
- Place a reverse proxy or WAF in front of Next.js to rate-limit and cap response sizes for /_next/image
- Use a managed image CDN or a custom image loader that enforces size validation before in-memory processing
// Example next.config.js hardening for images.localPatterns
module.exports = {
  images: {
    localPatterns: [
      {
        pathname: '/assets/images/**',
        search: '',
      },
    ],
  },
};
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.