CNNVD-202507-295 Information

CNNVD ID

CNNVD-202507-295

Related CVE

CVE-2025-49826

• CNNVD Published: 2025-07-03

Description (Chinese)

Next.js是Vercel开源的一个 React 框架。 Next.js 15.0.4-canary.51至15.1.8之前版本存在安全漏洞，该漏洞源于缓存污染漏洞，可能导致拒绝服务。

Description (English)

Next.js is a react framework for Vercel ’s open source. Next.js 15.0.4-canary.51 to 15.1.8 had a security loophole, which stemmed from a cache of contamination that could lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Vercel

Published

2025-07-03

Last Modified

2026-02-24

References

https://github.com/vercel/next.js/commit/a15b974ed707d63ad4da5b74c1441f5b7b120e93 https://github.com/vercel/next.js/releases/tag/v15.1.8 https://github.com/vercel/next.js/security/advisories/GHSA-67rr-84xm-4c7r https://vercel.com/changelog/cve-2025-49826 https://access.redhat.com/security/cve/cve-2025-49826

Patch

https://github.com/vercel/next.js/releases