Lucene search
K

5 matches found

OSV
OSV
added 2026/06/18 12:50 p.m.4 views

ROOT-APP-NPM-CVE-2026-29057 CVE-2026-29057 in @rootio/next - Patched by Root

Root has patched CVE-2026-29057 in the @rootio/next package for Root:npm. Multiple fixed versions available...

6.5CVSS5.2AI score0.00427EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.7 views

Next.js Framework 9.5.x < 15.5.3 / 16.x < 16.1.7 HTTP Request Smuggling (GHSA-ggv3-7p47-pfv8)

The Next.js Framework on the remote host is affected by an HTTP request smuggling vulnerability: - A vulnerability exists in Next.js proxy rewrites where a crafted DELETE/OPTIONS request using Transfer-Encoding: chunked could trigger request boundary disagreement between the proxy and backend. An...

6.5CVSS5.9AI score0.00427EPSS
Exploits0References2
NVD
NVD
added 2026/03/18 1:16 a.m.5 views

CVE-2026-29057

Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 15.5.13 and 16.1.7, when Next.js rewrites proxy traffic to an external backend, a crafted DELETE/OPTIONS request using Transfer-Encoding: chunked could trigger request boundary...

6.5CVSS0.00427EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/18 12:30 a.m.5 views

CVE-2026-29057 Next.js: HTTP request smuggling in rewrites

Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 15.5.13 and 16.1.7, when Next.js rewrites proxy traffic to an external backend, a crafted DELETE/OPTIONS request using Transfer-Encoding: chunked could trigger request boundary...

6.3CVSS5.9AI score0.00427EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-29057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 15.5.13 and 16.1.7, when Next.js rewrites...

6.5CVSS5.9AI score0.00427EPSS
Exploits0References2
Rows per page
Query Builder