Urgent: Next.js Security Update Patches Critical Vulnerability
2025-03-22

Next.js has released version 15.2.3 to address a critical security vulnerability (CVE-2025-29927) that could allow unauthorized access. The vulnerability lies in the handling of the `x-middleware-subrequest` header in middleware, potentially allowing attackers to bypass critical security checks such as authentication. All self-hosted Next.js deployments using `next start` and `output: 'standalone'` are urged to update immediately. Patches for Next.js 14.x and 13.x are also available.
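Until the upgrade is deployed, requests from outside that carry `x-middleware-subrequest` can be rejected before they reach the application. The following is an added example, not code from the Next.js project: a guard for a Node front-end handler, where `guard`, `findInternalHeader`, the log event name and the sample requests are assumptions made for illustration.

```javascript
// Added example (not Next.js code): screen inbound requests for the internal
// header before handing them to a self-hosted Next.js server.
const INTERNAL_HEADER = 'x-middleware-subrequest';

// Node's req.rawHeaders is a flat [name, value, name, value, ...] array that
// keeps the original casing and any duplicates, so compare case-insensitively.
function findInternalHeader(rawHeaders) {
  const hits = [];
  for (let i = 0; i + 1 < rawHeaders.length; i += 2) {
    if (String(rawHeaders[i]).toLowerCase() === INTERNAL_HEADER) {
      hits.push(String(rawHeaders[i + 1]));
    }
  }
  return hits;
}

// Wrap any (req, res) handler: reject and log instead of forwarding.
// `log` is injectable so the event can go to the deployment's own logger.
function guard(next, log = console.warn) {
  return function guarded(req, res) {
    const hits = findInternalHeader(req.rawHeaders || []);
    if (hits.length === 0) return next(req, res);
    log(JSON.stringify({
      event: 'blocked_internal_header', // hypothetical event name
      header: INTERNAL_HEADER,
      count: hits.length,
      remote: req.socket ? req.socket.remoteAddress : undefined,
      url: req.url,
    }));
    res.statusCode = 400;
    res.setHeader('Connection', 'close');
    res.end('Bad Request');
    return undefined;
  };
}

// Constructed sample requests, shaped like Node's http.IncomingMessage.
const sampleClean = {
  url: '/dashboard',
  rawHeaders: ['Host', 'app.example', 'Accept', '*/*'],
};
const sampleTagged = {
  url: '/dashboard',
  rawHeaders: ['Host', 'app.example', 'X-Middleware-Subrequest', 'constructed-value'],
};
```

The guard wraps whatever handler forwards traffic to the application, for example the callback passed to Node's `http.createServer`; it is a stopgap, and updating to the patched release remains the fix.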