<ul><li>A critical security flaw has been identified in Next.js, a widely-used React framework.</li><li>This vulnerability allows attackers to bypass middleware-based authorization checks by exploiting the x-middleware-subrequest header.</li><li>The severity of this vulnerability depends on how the application is structured and the reliance on middleware for authentication.</li><li>The Next.js team has released patched versions to address the issue and recommends updating applications promptly.</li></ul>

New Next.js Middleware Vulnerability – How Bad Is It?

Discover more