CVE-2025-29927 - GitHub Advisory Database

1 min read Original article ↗

Skip to content

Navigation Menu

Authorization Bypass in Next.js Middleware

Critical severity GitHub Reviewed Published Mar 21, 2025 in vercel/next.js • Updated Oct 13, 2025

Affected versions

>= 13.0.0, < 13.5.9

>= 14.0.0, < 14.2.25

>= 15.0.0, < 15.2.3

>= 11.1.4, < 12.3.5

Patched versions

13.5.9

14.2.25

15.2.3

12.3.5

Description

Published to the GitHub Advisory Database

Mar 21, 2025

Last updated

Oct 13, 2025