<ul><li>A critical flaw in the Next.js React framework could be exploited to bypass authorization checks under certain conditions.</li><li>The Next.js React framework has addressed the vulnerability in versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3.</li><li>Authorization checks in Next.js middleware can be bypassed, potentially allowing unauthorized access.</li><li>Next.js users are advised to update their framework or use a workaround to protect their applications.</li></ul>

Attackers can bypass middleware auth checks by exploiting critical Next.js flaw

Discover more