Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

March 24, 2025

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

Resources

Download: Edgescan 2025 Vulnerability Statistics Report
Enzoic AD Lite Password Audit Report
Report: Fortune 500 employee-linked account exposure

Don't miss

Google patches actively exploited Chrome (CVE‑2025‑6554)
Federal Reserve System CISO on aligning cyber risk management with transparency, trust
How cybercriminals are weaponizing AI and what CISOs should do about it
How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
CitrixBleed 2 might be actively exploited (CVE-2025-5777)

Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Featured news

Resources

Don't miss