Software catalogue for Zeit
Latest security bulletins
| Secuity bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2025120334: Remote code execution via React Server Components in Next.js | Critical | 03.12.2025 | |
| SB2025083005: Use of cache containing sensitive information in Next.js | Medium | 30.08.2025 | |
| SB2025083004: External image manipulation in Next.js | Low | 30.08.2025 | |
| SB2025083002: SSRF in Next.js | Medium | 30.08.2025 | |
| SB2025070419: Denial of service via cache poisoning in Next.js | Medium | 04.07.2025 | |
| SB2025070417: Cache poisoning attack in Next.js | Medium | 04.07.2025 | |
| SB2025052970: Missing WebSocket origin validation in Next.js | Low | 29.05.2025 | |
| SB2025051603: Cache poisoning in Next.js | Low | 16.05.2025 | |
| SB2025040314: Information disclosure in Next.js | Low | 03.04.2025 | |
| SB2025032132: Authorization bypass in Next.js | High | 21.03.2025 |