Tag
middleware-bypass
Safeguard articles tagged "middleware-bypass" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
CVE-2025-29927: Next.js middleware authorization bypass
A spoofable internal header let attackers skip Next.js middleware outright, bypassing auth and route protection across many production deployments.
May 24, 20267 min read
Vulnerability Analysis
React Server Components RCE vulnerability advisory
CVE-2025-29927 lets attackers bypass Next.js middleware auth with a forged header — a chain that can escalate to full RCE on React Server Components apps.
May 23, 20267 min read