Security News > 2025 > March > Critical flaw in Next.js lets hackers bypass authorization

Critical flaw in Next.js lets hackers bypass authorization

2025-03-24 16:15

A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. [...]

News URL

https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/

#bypass #critical #hacker

Related news

GitLab patches critical authentication bypass vulnerabilities (source)
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
Critical auth bypass bug in CrushFTP now exploited in attacks (source)
Critical FortiSwitch flaw lets hackers change admin passwords remotely (source)
Hackers exploit WordPress plugin auth bypass hours after disclosure (source)
ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
CISA warns of hackers targeting critical oil infrastructure (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.