#nextjs

27 posts26 participants0 posts today

Captain StephWhat are your thoughts on Vercel and Next JS? It seems like a walked garden to me...<a href="https://fosstodon.org/tags/react" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#react</a> <a href="https://fosstodon.org/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://fosstodon.org/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a>

platform.sh[Tutorial 🚀] Trying to modernize your Symfony setup? This new guide shows how to decouple your frontend using Next.js—for better performance, faster deploys, and dev workflow wins.It’s practical, detailed, and designed to help you iterate faster without breaking your architecture.👉 <a href="https://brnw.ch/DecoupleyourSymfonyfrontendwithnextjs" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://brnw.ch/DecoupleyourSymfonyfrontendwithnextjs</a><a href="https://mastodon.social/tags/Symfony" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Symfony</a> <a href="https://mastodon.social/tags/Nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nextjs</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebDev</a> <a href="https://mastodon.social/tags/FullStack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FullStack</a>

The New OilCritical flaw in <a href="https://mastodon.thenewoil.org/tags/Nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nextjs</a> lets hackers bypass authorization<a href="https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Julio J. 🀲LB: the vuln itself is crazy, but even crazier is the way Vercel decided to handle the whole thing 🤯Post by researchers: <a href="https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware</a>Summary of Vercel situation: <a href="https://xcancel.com/amasad/status/1903654014962819448" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://xcancel.com/amasad/status/1903654014962819448</a>LB: <a href="https://infosec.exchange/@cR0w/114201195359591645" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@cR0w/114201195359591645</a><a href="https://hachyderm.io/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://hachyderm.io/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://hachyderm.io/tags/vercel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vercel</a>

Nils HartmannMorgen ist "Fremdsprachen-Tag" bei der <a href="https://norden.social/tags/JUG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JUG</a> Hamburg: Ich möchte euch das <a href="https://norden.social/tags/React" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#React</a>-Framework <a href="https://norden.social/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> vorstellen und mit klassischen <a href="https://norden.social/tags/Java" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Java</a>-Architekturen vergleichen (mal sehen, ob das klappt...)Freue mich, euch ab 19 Uhr zu sehen: <a href="https://www.meetup.com/jug-hamburg/events/306742794" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.meetup.com/jug-hamburg/events/306742794</a>👋<a href="https://norden.social/tags/JavaUserGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaUserGroup</a>

Caravana BluesExploring SSR Patterns: Next.js, Nuxt.js, and Alternatives <a href="https://chat-to.dev/post?id=TVRpYklqejFjdnlZQXlHR3JHU0Jkdz09" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://chat-to.dev/post?id=TVRpYklqejFjdnlZQXlHR3JHU0Jkdz09</a> <a href="https://mastodon.social/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://mastodon.social/tags/nuxtjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nuxtjs</a> <a href="https://mastodon.social/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#javascript</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a>

Opalsec :verified:Hey folks, ready for your daily dose of cyber intel? ☕️Tuesday's update is out and it's packed with need-to-know updates:🚨 Critical Next.js Flaw: Authorization bypass vulnerability (CVE-2025-29927) impacting versions before 15.2.3. Upgrade ASAP or block those 'x-middleware-subrequest' headers!🐜 Weaver Ant's Long Game: Chinese hackers spied on a telco network for four years using compromised Zyxel routers and custom web shells. Talk about persistence!🐍 VanHelsing RaaS Emerges: A new ransomware player targeting Windows, ARM, ESXi systems. Keep an eye on this one!☁️ Oracle Cloud Breach Claims: Did they or didn't they? Oracle denies a breach, but a threat actor is claiming otherwise. 🚂 Ukrainian Railway Hit: Cyberattack disrupts online ticket sales amidst crucial transport operations. Resilience is key.🔄 DrayTek Router Chaos: ISPs are scrambling as DrayTek routers enter reboot loops. Potential vulnerability or buggy update at play.🤖 AI-Enhanced Cybercrime: Europol warns that organized crime is leveling up with AI, partnering with state-aligned entities. 🛰️ Starlink Intercepted: Thai authorities seize Starlink transmitters headed for Myanmar scam centers. Criminals are finding ways around cut-offs.🚓 Cybercrime Crackdown: 300+ suspects arrested in Africa for cyber scams. A win for international law enforcement!🧬 23andMe's Bankruptcy Woes: Privacy advocates raise concerns about DNA data as 23andMe files for bankruptcy. What happens to all that genetic info?🔒 Pennsylvania County Ransomware: Sensitive data stolen during a ransomware attack. Another reminder to shore up those defenses.👁️‍🗨️ China Bans Facial Recognition: Consent is now required for facial recognition in China. But are there exceptions for government and AI training?👉 Dive into the full details here: <a href="https://opalsec.io/daily-news-update-tuesday-march-25-2025-australia-melbourne/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://opalsec.io/daily-news-update-tuesday-march-25-2025-australia-melbourne/</a>Stay vigilant, stay informed, and let's keep the digital world a little safer, one update at a time. 🛡️ <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyber</a> <a href="https://infosec.exchange/tags/CyberSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntelligence</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a href="https://infosec.exchange/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#China</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreach</a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privacy</a> <a href="https://infosec.exchange/tags/Starlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Starlink</a> <a href="https://infosec.exchange/tags/Europol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europol</a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://infosec.exchange/tags/WeaverAnt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WeaverAnt</a> <a href="https://infosec.exchange/tags/VanHelsing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VanHelsing</a> <a href="https://infosec.exchange/tags/OracleCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OracleCloud</a> <a href="https://infosec.exchange/tags/Ukraine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ukraine</a> <a href="https://infosec.exchange/tags/DrayTek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DrayTek</a> <a href="https://infosec.exchange/tags/23andMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#23andMe</a> <a href="https://infosec.exchange/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttack</a> <a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privacy</a> <a href="https://infosec.exchange/tags/DataPrivacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataPrivacy</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/InfoSecNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSecNews</a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a>

Sam Stepanyan :verified: 🐘<a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a>: Critical <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> in NextJS (CVE-2025-29927) impacts all NextJS versions before 15.2.3, 14.2.25, 13.5.9, 12.3.5 allowing attackers to bypass authorisation checks.Great explanation and a Proof-of-Concept demonstration by @_JohnHammond 👇 <a href="https://www.youtube.com/watch?v=dL1a0KcAW3Y" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=dL1a0KcAW3Y</a>

Chris‌‬ Hayes‌If you're self-hosting Next.js outside Vercel or Netlify and you use middleware (for ie, authentication), your project could have a critical vulnerability. <a href="https://fosstodon.org/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware</a>

Karthikeyan A KLooking for freelance <a href="https://mstdn.social/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> devs. Potential to earn upto ₹20K a week.<a href="https://mstdn.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://mstdn.social/tags/Job" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Job</a> <a href="https://mstdn.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebDev</a> <a href="https://mstdn.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebDevelopment</a> <a href="https://mstdn.social/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#India</a>

ValeReject modernity (Next.js); embrace tradition (PHP).<a class="hashtag" href="https://fedi.vale.rocks/tag/nextjs" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a class="hashtag" href="https://fedi.vale.rocks/tag/php" rel="nofollow noopener noreferrer" target="_blank">#PHP</a> <a class="hashtag" href="https://fedi.vale.rocks/tag/webdev" rel="nofollow noopener noreferrer" target="_blank">#WebDev</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕»Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization: A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927.«Well, I have to give it up and look at it.🧑‍💻 <a href="https://gbhackers.com/critical-next-js-middleware-vulnerability/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gbhackers.com/critical-next-js-middleware-vulnerability/</a><a href="https://chaos.social/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#javascript</a> <a href="https://chaos.social/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://chaos.social/tags/webdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webdev</a> <a href="https://chaos.social/tags/react" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#react</a> <a href="https://chaos.social/tags/sec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sec</a> <a href="https://chaos.social/tags/framework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#framework</a> <a href="https://chaos.social/tags/middleware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#middleware</a> <a href="https://chaos.social/tags/server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#server</a> <a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itsec</a>

Frontend DogmaNext.js vs. TanStack, by @gill_kyle@x.com:<a href="https://www.kylegill.com/essays/next-vs-tanstack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.kylegill.com/essays/next-vs-tanstack/</a><a href="https://mas.to/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://mas.to/tags/comparisons" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#comparisons</a>

Socket🚨 Next.js has patched a critical vulnerability that lets attackers bypass auth middleware in self-hosted apps. Immediate action is necessary: patch now. <a href="https://socket.dev/blog/next-js-patches-critical-middleware-vulnerability" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://socket.dev/blog/next-js-patches-critical-middleware-vulnerability</a> <a href="https://fosstodon.org/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nextjs</a> <a href="https://fosstodon.org/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#javascript</a>

Konstantin :C_H:With <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2025_29927</a>, Next.js has now suffered its second major vulnerability in just three months, following <a href="https://infosec.exchange/tags/CVE_2024_51479" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2024_51479</a>.I originally built CVE Crowd with <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a>.However, as the application became more complex (especially with authentication), I decided to switch to a framework I was more familiar with.Honestly, I’m feeling a bit relieved about that right now...<a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BugBounty</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/CVECrowd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVECrowd</a>

Suzanne Aldrich (she/her)Critical Next.js Middleware Vulnerability (CVE-2025-29927)A major auth bypass vulnerability in Next.js middleware (prior to v14.2.25 / v15.2.3) allows attackers to inject the x-middleware-subrequest header and bypass authorization entirely. Exploitable via simple HTTP requests—no user interaction, no special permissions.Patch. Now. Or block the header manually.GitHub scored this 9.1 CRITICAL, but the real issue? This flaw exposes a systemic weakness in middleware validation, and some vendors weren’t exactly upfront about the risks.Details + POC: <a href="https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass</a> NVD: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-29927" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2025-29927</a>Security theater is easy. Secure defaults and transparency are harder—but essential.<a href="https://hachyderm.io/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://hachyderm.io/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://hachyderm.io/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a href="https://hachyderm.io/tags/CVE202529927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE202529927</a> <a href="https://hachyderm.io/tags/middleware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#middleware</a> <a href="https://hachyderm.io/tags/securityfail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityfail</a>

:mastodon: decio⚠️ Une faille critique dans Next.js permet de contourner les vérifications d'autorisation effectuées dans le middleware. 👉 Framework React trés populaire pour le rendu web côté serveur.🔍 Détails techniques En injectant l'en-tête <code>x-middleware-subrequest</code>, un attaquant peut bypasser les contrôles d'accès et accéder à des ressources normalement protégées. 💥 Exploit documenté ici ⬇️ "Next.js and the corrupt middleware: the authorizing artifact" 👇 <a href="https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware</a>🛡️ Versions vulnérables <ul><li>15.x < 15.2.3 </li><li>14.x < 14.2.25 </li><li>11.1.4 → 13.5.6</li></ul>🔧 Solutions ✔️ Mettez à jour vers 15.2.3 ou 14.2.25 👇 <a href="https://nextjs.org/blog/cve-2025-29927" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nextjs.org/blog/cve-2025-29927</a> ⬇️ <a href="https://github.com/advisories/GHSA-f82v-jwr5-mffw" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/advisories/GHSA-f82v-jwr5-mffw</a>✔️ En attendant : bloquez les requêtes contenant <code>x-middleware-subrequest</code> côté serveur / WAF🛰️ Et effectivement selon le moteur de recherche de surface d’attaque ONYPHE, il y en a un paquet… y compris en Suisse 🇨🇭 <a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberVeille</a> <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2025_29927</a> <a href="https://infosec.exchange/tags/websec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#websec</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/onyphe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#onyphe</a> <a href="https://infosec.exchange/tags/ASD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ASD</a>

LavX NewsCritical CVE-2025-29927 Vulnerability Exposes Next.js Middleware to Authorization BypassA newly disclosed vulnerability in Next.js, CVE-2025-29927, allows attackers to bypass middleware protections, raising serious security concerns for developers. The Next.js team has swiftly released p...<a href="https://news.lavx.hu/article/critical-cve-2025-29927-vulnerability-exposes-next-js-middleware-to-authorization-bypass" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/critical-cve-2025-29927-vulnerability-exposes-next-js-middleware-to-authorization-bypass</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a href="https://mastodon.cloud/tags/CVE2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE2025</a> <a href="https://mastodon.cloud/tags/MiddlewareSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MiddlewareSecurity</a>

LavX NewsUnveiling a Critical Vulnerability in Next.js Middleware: A Deep DiveA recent security discovery has exposed a critical vulnerability in Next.js middleware, affecting all versions from 11.1.4 onwards. This flaw allows attackers to bypass authentication and authorizatio...<a href="https://news.lavx.hu/article/unveiling-a-critical-vulnerability-in-next-js-middleware-a-deep-dive" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/unveiling-a-critical-vulnerability-in-next-js-middleware-a-deep-dive</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a> <a href="https://mastodon.cloud/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSecurity</a> <a href="https://mastodon.cloud/tags/CVE2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE2025</a>

Hacker NewsCVE-2025-29927 – Next.js<a href="https://nextjs.org/blog/cve-2025-29927" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nextjs.org/blog/cve-2025-29927</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/CVE202529927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE202529927</a> <a href="https://mastodon.social/tags/Nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nextjs</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebDevelopment</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a>

Recent searches

Search options

Administered by:

Server stats: