VYPR

npm package

next-mdx-remote

pkg:npm/next-mdx-remote

Vulnerabilities (1)

  • CVE-2026-0969HigFeb 12, 2026
    affected >= 4.3.0, < 6.0.0fixed 6.0.0

    The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of MDX content. This vulnerability, CVE-2026-0969, is fixed in next-mdx-remote 6.0.0.