Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

March 24, 2025

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

Resources

Webinar: The True State of Security 2026
ISC2 webinar: Power up your exam prep!
Download: Tines Voice of Security 2026 report

Don't miss

ClickFix campaign delivers Mac malware via fake Apple page
Poisoned “Office 365” search results lead to stolen paychecks
What vibe hunting gets right about AI threat hunting, and where it breaks down
Health insurance lead sites sell personal data within seconds of form submission
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)

Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Featured news

Resources

Don't miss