next-intl (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package next-intl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2026-40299: next-intl provides internationalization for Next.js. Applications using the `next-intl` middleware prior to version 4.9.1with…