A path traversal vulnerability in serve npm package version 7.0.1 allows the malicious users to read content of arbitrary files on the remote server.
zeit serve