stux @stux

CVE-2025-29927 9.1 critical score in Next.js

"Prior to 14.2.25 and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware"

> This vulnerability is fixed in 14.2.25 and 15.2.3.

https://nvd.nist.gov/vuln/detail/CVE-2025-29927

nvd.nist.govNVD - CVE-2025-29927

Mar 24, 2025, 01:13 PM·

2boosts·4favorites

**Emil Jacobs - Collectifission** @collectifission@greennuclear.online · Mar 24

Mar 24

Emil Jacobs - Collectifission @collectifission@greennuclear.online

@stux Isn't this ancient stuff?

**stux** @stux · Mar 24

Mar 24

stux @stux

@collectifission NVD Published Date:
03/21/2025
NVD Last Modified:
03/23/2025

**Emil Jacobs - Collectifission** @collectifission@greennuclear.online · Mar 24

Mar 24

Emil Jacobs - Collectifission @collectifission@greennuclear.online

@stux I mean the 14 and 15 versions. I see their latest release dates from 2021 and 2023.

https://nodejs.org/en/about/previous-releases

nodejs.orgNode.js — Node.js ReleasesNode.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine.

**stux** @stux · Mar 24

Mar 24

stux @stux

@collectifission aaah! I guess indeed could be it's still widly used perhaps

Drag & drop to upload

Recent searches

Search options

Administered by:

Server stats:

Recent searches

Search options

Administered by:

Server stats:

Back