Next.js Vulnerability Allows Attackers to Trigger DoS via Cache Poisoning
Posted: Sun Jul 06, 2025 3:08 pm
A critical vulnerability, tracked as CVE-2025-49826, has been discovered and addressed in the popular React-based web framework, Next.js.
The flaw, present in versions >=15.1.0 and <15.1.8, allowed attackers to exploit a cache poisoning bug, potentially leading to a Denial of Service (DoS) condition for affected applications, as per a report by Vercel.
https://gbhackers.com/next-js-vulnerabi ... igger-dos/
The flaw, present in versions >=15.1.0 and <15.1.8, allowed attackers to exploit a cache poisoning bug, potentially leading to a Denial of Service (DoS) condition for affected applications, as per a report by Vercel.
https://gbhackers.com/next-js-vulnerabi ... igger-dos/