CVE-2026-44479
Vercel: Non-interactive mode includes CLI arguments in suggested command output
Description
# Summary

When the Vercel CLI runs in non-interactive mode (`--non-interactive` or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via `--token` or `-t` on the command line, the token value is included verbatim in those suggestions.

# Conditions

All three must be true for the token to appear in output:

1. Token passed as a CLI argument (`--token` / `-t`). The `VERCEL_TOKEN` environment variable is **not affected**.
2. Non-interactive mode is active (explicit flag or AI agent auto-detection).
3. The command cannot complete on its own (e.g. missing `--yes`, ambiguous scope, API errors). Successful commands produce no suggestion output.

## Impact

The plaintext token may be captured in CI/CD logs, agent transcripts, or other automation output.

## Remediation

- Upgrade to the patched version.
- If developers have previously used `--token` with `--non-interactive` in their applications, review logs for exposed tokens and rotate them.
- Prefer the `VERCEL_TOKEN` environment variable for authentication.
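The following is an added illustration and not Vercel CLI source: it contrasts a suggested-command builder that echoes argv verbatim (the pattern this advisory describes) with one that strips `--token`/`-t` before building the suggestion, and adds a log scan a defender can run over CI output to find suggestions that carried a token value. Function names, the `suggestion` JSON field and the sample argv and log lines are all constructed for the example.

```javascript
const TOKEN_FLAGS = new Set(['--token', '-t']);

// Remove the token flag and its value from argv so it never reaches output.
// Handles "--token VALUE", "--token=VALUE" and "-t VALUE".
function redactTokenArgs(argv) {
  const out = [];
  for (let i = 0; i < argv.length; i++) {
    const arg = argv[i];
    if (TOKEN_FLAGS.has(arg)) { i++; continue; }   // skip flag and its value
    if (arg.startsWith('--token=')) continue;      // inline form
    out.push(arg);
  }
  return out;
}

// Vulnerable pattern: the follow-up suggestion repeats the original argv,
// so a token given on the command line lands in the JSON payload.
function suggestUnsafe(argv, extra) {
  return JSON.stringify({ suggestion: [...argv, ...extra].join(' ') });
}

// Hardened pattern: redact credentials first and steer the caller to the
// environment variable, which the advisory reports as unaffected.
function suggestSafe(argv, extra) {
  const cmd = redactTokenArgs(argv).concat(extra).join(' ');
  return JSON.stringify({ suggestion: cmd, auth: 'set VERCEL_TOKEN' });
}

// Defender check: scan log lines for JSON suggestion payloads whose command
// carries a token flag with a value. Returns the values so they can be rotated.
function findLeakedTokens(logLines) {
  const leaked = [];
  const re = /(?:--token(?:=|\s+)|-t\s+)(\S+)/g;
  for (const line of logLines) {
    let obj;
    try { obj = JSON.parse(line); } catch { continue; }  // skip non-JSON lines
    if (typeof obj.suggestion !== 'string') continue;
    for (const m of obj.suggestion.matchAll(re)) leaked.push(m[1]);
  }
  return leaked;
}

// Constructed sample: an argv with a fake token and a short CI log excerpt.
const SAMPLE_ARGV = ['vercel', 'deploy', '--token', 'FAKE_TOKEN_123', '--non-interactive'];
const SAMPLE_LOG = [
  'Deploying project...',
  suggestUnsafe(SAMPLE_ARGV, ['--yes']),               // leaks FAKE_TOKEN_123
  suggestSafe(SAMPLE_ARGV, ['--yes']),                 // clean
  '{"suggestion":"vercel ls -t FAKE_TOKEN_456 --scope team"}',
];
function scanSample() { return findLeakedTokens(SAMPLE_LOG); }
```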
How to fix CVE-2026-44479
To remediate CVE-2026-44479, upgrade the affected package to a fixed version below.
- —upgrade to 52.0.1 or later
Is CVE-2026-44479 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 50.16.0, < 52.0.1
CVSS scores
| Source | Version |
|---|---|