Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

March 24, 2025

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

Resources

Download: Edgescan 2025 Vulnerability Statistics Report
Enzoic AD Lite Password Audit Report
Report: Fortune 500 employee-linked account exposure

Don't miss

Google strengthens secure enterprise access from BYOD Android devices
Southwest Airlines CISO on tackling cyber risks in the aviation industry
Insider risk management needs a human strategy
Cerbos: Open-source, scalable authorization solution
Patch Tuesday: Microsoft fixes 5 actively exploited zero-days

Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Featured news

Resources

Don't miss