A critical flaw in the Next.js React framework could be exploited to bypass authorization checks under certain conditions. Maintainers of Next.js React framework addressed a critical vulnerability tracked asCVE-2025-29927 (CVSS score of 9.1) with the release of versions versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3. >>Next.js version 15.2.3 has been released to address a security vulnerability […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/175775/security/next-js-react-framework-critical-issue.html
