Trust Center
Vercel is the platform for frontend developers, providing the speed and reliability innovators need to create at the moment of inspiration.
We enable teams to iterate quickly and develop, preview, and ship delightful user experiences. Vercel has zero-configuration support for 35+ frontend frameworks and integrates with your headless content, commerce, or database of choice.
OpenAI
Under Armour
HashiCorp
Adobe
The Washington Post
Okta
Subprocessors
Subprocessors
CVE-2025-55182
React Server Components Vulnerability (CVE-2025-55182)
A critical vulnerability in React Server Components (RSC) was disclosed on December 3, 2025. Vercel has assessed the issue and there is currently no known impact to Vercel or its customers. The Vercel platform includes safeguards that block the malicious request patterns associated with this vulnerability, significantly reducing exploitation risk for applications hosted on Vercel.
Recommended Actions:
We strongly recommend updating to the patched versions outlined in the Vercel Changelog.
A banner in the Vercel dashboard will indicate any projects running affected versions.
Ongoing Monitoring:
Vercel’s Security and Engineering teams continue to actively monitor the situation and will provide updates if new information emerges. Vercel remains committed to maintaining the confidentiality, integrity, and availability of its systems and customer data.
For questions, please contact the Security Team at security@vercel.com
TISAX Assessment
We’re excited to share that Vercel has successfully completed its TISAX Assessment Level 2 (AL2) assessment, a standard developed by the Association of the German Automotive Industry (VDA) and governed by the European Network Exchange (ENX), an association of European automotive manufacturers. This standard provides the European automotive industry a consistent approach and criteria for assessing information security and the use of cloud services throughout the supply chain.
Vercel customers can access TISAX assessment results through the ENX portal.
To view the assessment details:
- Sign in to your account on the ENX portal
- Search for Vercel or look up the following details:
- Assessment ID: AMR06H-1
- Scope ID: SYN3TM
For more details, please visit our blog post.
Subprocessor Update
We have updated our subprocessor list, as it pertains to services utilized for our AI products.
Additional Subprocessor
The following subprocessor is currently engaged to support our v0 product and has been added to the subprocessor list:
- Groq, Inc. to provide AI services.
To review our complete subprocessor list, visit our Trust Center. If you have any questions or require further information, please do not hesitate to contact us at privacy@vercel.com.
Subprocessor Update
We have updated our subprocessor list, as it pertains to services tailored for our customer support services.
Additional Subprocessor
The following subprocessor is currently engaged to support our customer support services and has been added to the subprocessor list:
- Not Just Tickets Ltd, d.b.a Plain, to provide customer support services.
To review our complete subprocessor list, visit our Trust Center. If you have any questions or require further information, please do not hesitate to contact us at privacy@vercel.com.
Subprocessor Update
We have updated our subprocessor list, as pertaining to services utilized for our v0 product.
Additional Subprocessor
The following subprocessor will be engaged to provide web search functionality and has been added to the subprocessors list:
- Exa.ai.
To review our complete subprocessor list, visit our Trust Center. If you have any questions or require further information, please do not hesitate to contact us at privacy@vercel.com.
