Introduction
On March 21st, 2025, the Next.js maintainers announced a critical authorization bypass vulnerability – CVE-2025-29927. This vulnerability is easily exploitable, allowing attackers to bypass authorization mechanisms. In some instances, it...