Lucene search
K

8 matches found

Metasploit
Metasploit
added 2026/06/24 7:4 p.m.109 views

Next.js Middleware Authorization Bypass Scanner

This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its own internal subrequests with the x-middleware-subrequest header and skips middleware when it sees it. The header is trusted without verifying it...

9.1CVSS6.9AI score0.99621EPSS
Exploits58
GithubExploit
GithubExploit
added 2026/03/17 3:25 p.m.109 views

Exploit for Incorrect Authorization in Vercel Next.Js

CVE-2025-29927 — Next.js Middleware Authentication Bypass...

9.1CVSS6AI score0.99621EPSS
Exploits58
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.8 views

Next.js 15.2.3 Middleware Bypass Scanner

A vulnerability exists in the Next.js middleware handling mechanism, where requests containing the "x-middleware-subrequest" header are processed differently compared to normal requests, potentially allowing attackers to bypass authentication. This is a scanner to test version 15.2.3...

9.1CVSS5.5AI score0.99621EPSS
Exploits58
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.167 views

📄 Next.js 13.5.9 Middleware Bypass Scanner

This is an authorization bypass scanner for Next.js versions 13.5.9 and below. A vulnerability exists in the Next.js middleware handling mechanism, where requests containing the "x-middleware-subrequest" header are processed differently compared to normal requests...

9.1CVSS7.3AI score0.99621EPSS
Exploits58
GithubExploit
GithubExploit
added 2025/09/20 8:12 a.m.272 views

Exploit for Improper Authorization in Vercel Next.Js

CVE-2025-29927 — Next.js middleware authorization bypass...

9.1CVSS7.1AI score0.99621EPSS
Exploits58
GithubExploit
GithubExploit
added 2025/07/23 5:35 p.m.108 views

Exploit for CVE-2025-29927

CVE‑2025‑29927 – Next.js Middleware Authorization Bypass O...

9.1CVSS7.6AI score0.99621EPSS
Exploits58
GithubExploit
GithubExploit
added 2025/04/23 8:19 a.m.104 views

Exploit for CVE-2025-29927

CVE-2025-29927 CVE-2025-29927: Next.js Middleware Bypass Vulne...

9.1CVSS6.6AI score0.99621EPSS
Exploits58
GithubExploit
GithubExploit
added 2025/03/24 11:42 a.m.85 views

Exploit for CVE-2025-29927

CVE-2025-29927: Next.js Middleware Bypass PoC Overview This...

9.1CVSS7AI score0.99621EPSS
Exploits58
Rows per page
Query Builder