2 matches found
CVE-2025-59472 vulnerabilities
Vulnerabilities for packages: langfuse, langfuse-fips, jitsucom-jitsu...
CVE-2025-59472
A denial of service vulnerability exists in Next.js versions with Partial Prerendering PPR enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the Next-Resume: 1 header and processes attacker-controlled postponed state data. Two closely related...