diff --git a/http/misconfiguration/vercel-source-exposure.yaml b/http/misconfiguration/vercel-source-exposure.yaml
new file mode 100644
index 0000000000..5fca611120
--- /dev/null
+++ b/http/misconfiguration/vercel-source-exposure.yaml
@@ -0,0 +1,37 @@
+id: vercel-source-exposure
+
+info:
+ name: Vercel Source Code Exposure
+ author: hlop
+ severity: medium
+ reference:
+ - https://vercel.com/docs/projects/overview#logs-and-source-protection
+ description: |
+ The Vercel Source Code Exposure misconfiguration allows an attacker to access sensitive source code files on the Vercel platform.
+ impact: |
+ This misconfiguration can lead to the exposure of sensitive information, such as API keys, credentials, and proprietary code, which can be used for further attacks or unauthorized access.
+ metadata:
+ fofa-query: cname_domain="vercel.app" || icon_hash="-2070047203"
+ tags: vercel,exposure,misconfig
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/_src"
+
+ redirects: true
+ max-redirects: 3
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Deployment Source"
+ - "Deployment Source – Dashboard – Vercel"
+ condition: or
+
+ - type: word
+ part: body
+ words:
+ - "Login – Vercel"
+ negative: true
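Review bot: The first matcher is weaker than it looks, because with `condition: or` the short word `"Deployment Source"` already matches every body that the longer title string matches, so the second entry adds nothing and the check reduces to one loose substring. Combined with `redirects: true`, any final page whose body contains that phrase and lacks `"Login – Vercel"` is reported as medium, regardless of response code. I would keep only `- "Deployment Source – Dashboard – Vercel"` in the first matcher and add a third one under `matchers:` consisting of `- type: status` with `status:` set to `- 200`. The negative matcher relies on the exact login title, so the matchers should carry a short comment saying which page each title string was taken from; a wording change on the Vercel side could otherwise silently turn this into false positives.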