Bleeping Computer

Critical flaw in Next.js lets hackers bypass authorization

A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. The flaw, tracked as CVE-2025 ...