CVE-2026-44575
Summary: CVE-2026-44575 affects Next.js App Router: middleware/proxy authorization checks can be bypassed via transport-specific route variants used for segment prefetching. Specifically, in versions 15.2.0–before 15.5.16 and 16.2.5, specially crafted .rsc and segment-prefetch URLs can resolve to...