Critical Vulnerability in Next.js React Framework Could Bypass Authorization Checks

A critical vulnerability in the Next.js React framework could be exploited to bypass authorization checks under certain conditions. The maintainers of Next.js have addressed a critical vulnerability, referenced under the number CVE-2025-29927 (CVSS score of 9.1), with the release of versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3. Version 15.2.3 of Next.js has been published to resolve this security issue.