默认阻止包含易受攻击版本的第三方包next-mdx-remote的新部署
来源: Vercel News
Any new deployment containing a version of the third-party package next-mdx-remote that is vulnerable to CVE-2026-0969 will now automatically fail to deploy on Vercel.
We strongly recommend upgrading to a patched version regardless of your hosting provider.
This automatic protection can be disabled by setting the DANGEROUSLY_DEPLOY_VULNERABLE_CVE_2026_0969=1 environment variable on your Vercel project. Learn more