tag
Middleware-Bypass
High
Next.js i18n Middleware Bypass (CVE-2026-44573)
CVE-2026-44573·
Next.js Pages Router with i18n configuration
unpatched
High
Next.js Dynamic Route Injection Auth Bypass (CVE-2026-44574)
CVE-2026-44574·
Next.js App Router with dynamic route segments and middleware-based access control
unpatched
High
Next.js App Router Segment-Prefetch Middleware Bypass (CVE-2026-44575)
CVE-2026-44575·
Next.js App Router applications that rely on middleware.ts matchers to protect routes
patched
Critical
Next.js Corrupt Middleware Auth Bypass (CVE-2025-29927)
CVE-2025-29927·
Next.js (Vercel)
patched