Vercel News Articles
Recent news articles refferecing the vendors vulnerabilities.
H-ISAC TLP White Threat Bulletin: Critical Authorization Bypass Vulnerability Announced For Next.js Middleware (CVE-2025-29927) | AHA
On March 23, 2025, a critical vulnerability in Next.js middleware was disclosed and tracked as CVE-2025-29927.
5 days ago
Cyber Security Agency of SingaporeCVE-2025-29927Critical Vulnerability in Next.js
Next.js has released updates addressing a critical vulnerability (CVE-2025-29927) in Next.js React framework, which is used for building web applications...
1 week ago
CyberScoopCVE-2025-29927Researchers raise alarm about critical Next.js vulnerability
The software defect in the widely used open-source JavaScript framework allows attackers to bypass middleware-based authorization.
1 week ago
devclassCVE-2025-29927Next.js team fixes vuln that allows auth bypass when middleware is used, revises documentation recommending this method • DEVCLASS
Development Security Next.js team fixes vuln that allows auth bypass...
1 week ago
Cyber Security Agency of SingaporeCVE-2025-29927Critical Vulnerability in Next.js
Next.js has released updates addressing a critical vulnerability (CVE-2025-29927) in Next.js React framework, which is used for building web applications...
1 week ago
Critical flaw in Next.js lets hackers bypass authorization
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks.
1 week ago
Help Net SecurityCVE-2025-29927Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) - Help Net Security
A critical auth bypass vulnerability (CVE-2025-29927) in the Next.js framework can be trivially exploited to compromise web apps.
1 week ago
Developer Tech NewsCVE-2025-29927Critical security flaw uncovered in Next.js framework
A critical security flaw has been discovered in the popular Next.js framework, potentially impacting millions of websites and applications.
1 week ago
The Hacker NewsCVE-2025-29927Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Next.js flaw CVE-2025-29927 bypasses authorization checks in versions 12.3.5 to 15.2.3, risking admin page access.
1 week ago
CybersecurityNewsCVE-2024-46982Next.js Framework Vulnerability Exposes Websites To Cache Poisoning & XSS Attacks
A critical vulnerability, identified as CVE-2024-46982, has been discovered in the popular Next.js framework, widely used for building full-stack web applications.
CybersecurityNewsCVE-2024-51479Next.js Authorization Bypass Vulnerability Exposes Root-Level Pages
A critical security vulnerability tracked as CVE-2024-51479 has been identified in Next.js, a widely used React framework for building web applications.
GBHackers NewsCVE-2024-51479Next.js Vulnerability Let Attackers Bypass Authentication
A high-severity vulnerability has been discovered in the popular web framework, Next.js, which allows attackers to bypass authentication.
Critical Next.js Vulnerability Let Attackers Compromise Server Operations
Two new vulnerabilities have been discovered in Next.js which were related to response queue poisoning and SSRF on certain Next.js versions.