52 matches found
Next.js Middleware Authorization Bypass Scanner
This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its own internal subrequests with the x-middleware-subrequest header and skips middleware when it sees it. The header is trusted without verifying it...
Exploit for Incorrect Authorization in Vercel Next.Js
CVE-2025-29927 Lab Minimal reproduction lab for CVE-2025-2992...
Exploit for Incorrect Authorization in Vercel Next.Js
Himalaya Tech Admin Panel — CVE-2025-29927 Demo WARNING:...
Exploit for Incorrect Authorization in Vercel Next.Js
ALPR Dashboard runtime patches Two drop-in patches for the a...
📄 Next.js 15.2.3 Middleware Authorization Bypass
This Python script checks whether a website built with Next.js is vulnerable to CVE‑2025‑29927, a middleware authorization bypass flaw triggered by the request header:x-middleware-subrequest...
Security Bulletin: IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM includes components with known vulnerabilities
Summary Components with known vulnerabilities were addressed in a IBM Security QRadar Network Threat Analytics app release Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION: Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to version...
Security Bulletin: IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM includes a component with known vulnerabilities (CVE-2025-29927 & CVE-2025-48068)
Summary The product includes a vulnerable component e.g., framework library that may be identified and exploited with automated tools. IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION:...
Exploit for Improper Authorization in Vercel Next.Js
MiddleForce 🔍 Overview MiddleForce is a speci...
EUVD-2025-9629
Malicious code in bioql PyPI...
Exploit for Improper Authorization in Vercel Next.Js
CVE-2025-29927 — Next.js middleware authorization bypass...
Exploit for Incorrect Authorization in Vercel Next.Js
CVE-2025-29927 Research and Safe Testing Framework This repos...
Exploit for CVE-2025-29927
CVE-2025-29927 - Next.js Middleware 15.2.2 - Authorization Byp...
Security Bulletin: IBM Event Processing is vulnerable to an Authorization Bypass (CVE-2025-29927)
Summary IBM Event Processing is vulnerable to an Authorization Bypass due to the use of a Next.js component. Since Next.js can be used in the UI layer or API routing, unauthorized users may gain access to protected resources or functionalities, potentially compromising the system's integrity...
Security Bulletin: IBM Edge Data Collector is vulnerable to next-15.1.7.tgz CVE-2025-29927
Summary IBM Edge Data Collector is vulnerable to next-15.1.7.tgz CVE-2025-29927. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION: Next.js is a React framework for building full-stack web applications. Starting in...
Exploit for Server-Side Request Forgery in Microsoft
CVE-2025-29927 - Critical Security Vulnerability in Next.js...
Exploit for CVE-2025-29927
CVE-2025-29927 - Critical Security Vulnerability in Next.js...
Security Bulletin: MANTA Automated Data Lineage is vulnerable to an authorization check bypass
Summary Next.js is used by MANTA Automated Data Lineage as part of the UI. CVE-2025-29927. Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION: Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and...
Exploit for CVE-2025-29927
CVE-2025-29927 - Next.js Auth Bypass PoC Este es un Proof o...
Exploit for CVE-2025-29927
CVE-2025-29927 Scanner ===================== This Python script...
Exploit for CVE-2025-29927
CVE-2025-29927 – Next.js Middleware Authorization Bypass This...