Main Vulnerability Database Exploits ID:12088 - Exploit for Improper authorization in Next.js - CVE-2025-29927

ID:12088 - Exploit for Improper authorization in Next.js - CVE-2025-29927

Published: November 7, 2025

Vulnerability identifier: #VU105939

Vulnerability risk: High

CVE-ID: CVE-2025-29927

CWE-ID: CWE-285

Exploitation vector: Remote access

Vulnerable software:
Next.js

Link to public exploit:

https://github.com/BugHawak/CVE-2025-29927

Vulnerability description

The vulnerability allows a remote attacker to bypass authorization process.

The vulnerability exists due to missing authorization checks. A remote attacker can bypass authorization mechanism and compromise the affected application.

Remediation

Install updates from vendor's website.

ID:12088 - Exploit for Improper authorization in Next.js - CVE-2025-29927

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human