Summary
A vulnerability affecting Next.js Image Optimization has been addressed. It impacted versions prior to v15.4.5 and v14.2.31, and involved a scenario where attacker-controlled external image servers could serve crafted responses that result in arbitrary file downloads with attacker-defined filenames and content.
Your Vercel deployments are safe by default. A patch applied on July 29th, 2025 eliminated exposure for all Vercel-hosted customers. Self-hosted deployments should upgrade to v15.4.5 or v14.2.31 to remediate the issue.
Impact
Under certain configurations (images.domains or permissive images.remotePatterns), a malicious actor could:
- Trigger the download of a file from a Next.js app with attacker-controlled content and filename
- Exploit this behavior for phishing, drive-by downloads, or social engineering scenarios
This issue requires that:
- The target app has external image domains or patterns configured
- The remote server is attacker-controlled or attacker-influenced
- A user is tricked into clicking a crafted URL
Resolution
The issue was resolved by updating the image optimizer logic to avoid falling back to the upstream's Content-Type header when magic-number detection fails. This ensures that responses are only cached when confidently identified as image content and do not mistakenly reuse cache keys for user-specific responses.
The fix was included in:
- Next.js v15.4.5
- Next.js v14.2.31
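The behaviour the fix addresses, as an added example that is not Next.js's own code: a minimal magic-number sniffer, and a resolver that shows the pre-fix fallback (trusting the upstream Content-Type when sniffing fails) beside the hardened default that refuses to serve an unrecognised body. The function names and the sample inputs are hypothetical and constructed for this illustration.

```javascript
// Added example (not Next.js source). Sniffs the image type from the
// first bytes of the upstream body instead of trusting its Content-Type.
const MAGIC = [
  { type: 'image/png',  bytes: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'image/jpeg', bytes: [0xff, 0xd8, 0xff] },
  { type: 'image/gif',  bytes: [0x47, 0x49, 0x46, 0x38] },
];

// Returns the MIME type identified from the magic bytes, or null when the
// payload is not a recognised image (hypothetical helper).
function detectImageType(buf) {
  for (const { type, bytes } of MAGIC) {
    if (buf.length >= bytes.length && bytes.every((b, i) => buf[i] === b)) return type;
  }
  // WebP: RIFF container with a "WEBP" tag at offset 8
  if (buf.length >= 12 && buf.toString('ascii', 0, 4) === 'RIFF' &&
      buf.toString('ascii', 8, 12) === 'WEBP') {
    return 'image/webp';
  }
  return null;
}

// Decides what an optimizer should serve for an upstream response.
// trustUpstreamHeader = true models the pre-fix fallback: an unrecognised
// body is served with whatever Content-Type the remote server chose.
// The hardened default rejects anything that does not sniff as an image,
// so the remote server can no longer dictate the type of the served file.
function resolveContentType(body, upstreamContentType, { trustUpstreamHeader = false } = {}) {
  const detected = detectImageType(body);
  if (detected) return { ok: true, contentType: detected };
  if (trustUpstreamHeader && upstreamContentType) {
    return { ok: true, contentType: upstreamContentType }; // vulnerable fallback
  }
  return { ok: false, contentType: null, reason: 'upstream body is not a recognised image' };
}

// Constructed sample inputs: a PNG header and a non-image body that an
// upstream server labels with an arbitrary Content-Type.
const samplePng = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d]);
const sampleNotImage = Buffer.from('this body is not an image', 'utf8');

console.log(resolveContentType(samplePng, 'text/plain'));                // served as image/png
console.log(resolveContentType(sampleNotImage, 'application/octet-stream')); // rejected (hardened)
console.log(resolveContentType(sampleNotImage, 'application/octet-stream',
  { trustUpstreamHeader: true }));                                       // pre-fix behaviour
```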
Credit
Thanks to kristianmagas for the responsible disclosure.