Home / Security updates / Vercel April 2026 Incident - Pinecone Advisory
Vercel April 2026 Incident - Pinecone Advisory
Security updates detail rendered from /security-updates/upd_f96e0f2f8e7d61eb.
Overview
| ID | upd_f96e0f2f8e7d61eb |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Pinecone |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_f96e0f2f8e7d61eb |
| providerId | safebase |
| organizationId | org_43327d3b605fc6a3 |
| trustCenterId | tc_5dd63caf0ba289a0 |
| title | Vercel April 2026 Incident - Pinecone Advisory |
| message | **What happened** On April 19, 2026, Vercel disclosed a security incident involving unauthorized access to certain internal Vercel systems. For more details, see [Vercel's official security bulletin](https://vercel.com/kb/bulletin/vercel-april-2026-security-incident) **Is Pinecone affected?** __No. Pinecone was not directly compromised.__ We completed an internal investigation and confirmed: * The Context.ai OAuth application identified in the breach was never installed or authorized in Pinecone's Google Workspace. * There is no record of Context.ai in use at Pinecone. * Vercel has communicated to us that they do not have reason to believe Pinecone credentials or personal data were compromised. Pinecone's core infrastructure, customer data, and API services were not impacted by this incident. **What we did** Out of an abundance of caution, Pinecone's security team took the following actions: * Rotated all environment variables associated with our Vercel-hosted projects * Verified |
| url | - |
| publishedAt | 2026-04-21 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_43327d3b605fc6a3",
"name": "Pinecone",
"domains": [
"security.pinecone.io",
"pinecone.io"
]
} |
| trust_center | {
"id": "tc_5dd63caf0ba289a0",
"name": "Pinecone",
"url": "https://security.pinecone.io",
"host": "security.pinecone.io"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_f96e0f2f8e7d61eb",
"company": "/v1/companies/org_43327d3b605fc6a3",
"trust_center": "/v1/trust-centers/tc_5dd63caf0ba289a0",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_f96e0f2f8e7d61ebJSON