Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

March 24, 2025

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

Resources

Download: Edgescan 2025 Vulnerability Statistics Report
Enzoic AD Lite Password Audit Report
Report: Fortune 500 employee-linked account exposure

Don't miss

Maximum severity Cisco ISE vulnerabilities exploited by attackers
Phishing campaign targets U.S. Department of Education’s G5 portal
Cervantes: Open-source, collaborative platform for pentesters and red teams
Phishing simulations: What works and what doesn’t
Ports are getting smarter and more hackable

Next.js

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Featured news

Resources

Don't miss