VYPR

npm package

next-intl

pkg:npm/next-intl

Vulnerabilities (1)

  • CVE-2026-40299MedApr 17, 2026
    affected < 4.9.1fixed 4.9.1

    next-intl provides internationalization for Next.js. Applications using the `next-intl` middleware prior to version 4.9.1with `localePrefix: 'as-needed'` could construct URLs where path handling and the WHATWG URL parser resolved a relative redirect target to another host (e.g. s