shipfeed · AI news, curated daily

CVE-2025-48985: Input Validation Bypass on AI SDK

Vercel's AI SDK patches CVE-2025-48985, a low-severity input validation bypass allowing file type whitelist circumvention, fixed in versions 5.0.52 and 6.0.0-beta.

Nov 6 · 1 source (primary fetch) · updated Nov 6

A low-severity security vulnerability in Vercel's AI SDK was responsibly disclosed and has been fixed in 5.0.52 and 6.0.0-beta.*. The issue may have allowed users to bypass filetype whitelists when uploading files. Vercel customers are encouraged to upgrade to the latest version. Read more details below.

The vulnerability is in Vercel's AI SDK prompt conversion pipeline, where improper URL-to-data mapping allows attackers to substitute arbitrary downloaded bytes for different supported URLs within the same prompt. The defect is in the file convert-to-language-model-prompt.ts, where filtering the downloaded results could cause index misalignment between the downloadedFiles array and the original plannedDownloads array. When processing a mix of supported and unsupported URLs, the filtering operation removes the null entries for supported URLs (which are never downloaded), causing the remaining downloaded data to be associated with the wrong URL keys.

This results in bytes from an unsupported URL being mapped to a supported URL slot, allowing attackers to inject arbitrary content while bypassing URL-based trust and content validation mechanisms. This affects most methods that accepted images or files as inputs…

read full article on vercel.com
§ sources · 1 publication
  1. vercel.com: CVE-2025-48985: Input Validation Bypass on AI SDK (primary)