The CRITICAL Next.js Vulnerability you NEED to be aware of...
A major security flaw has been discovered in Next.js, potentially leaving thousands of applications vulnerable to attacks. In this video, we uncover how this vulnerability was discovered, who is impacted by it, and what you can do to secure your applications.
Use Snyk for free to find and fix security issues in your applications today! https://snyk.co/ugLYn
✍️ Resources ✍️
- Rachid Allam's Blog Post: https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
- Snyk Vulnerability Blog Post: https://snyk.co/uide9
- Vulnerable GitHub Repository: https://github.com/lirantal/vulnerable-nextjs-14-CVE-2025-29927
⏲️ Chapters ⏲️
00:00 - Intro
00:12 - What is middleware?
02:05 - Optimistic checks with middleware
03:51 - Next.js disclosure
04:20 - Snyk vulnerability database
04:44 - Are you affected?
05:17 - Who discovered it?
06:02 - The vulnerability in action
09:24 - Easily identify vulnerabilities
10:21 - Outro
⚒️ About Snyk ⚒️
Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.
Learn more about Snyk: https://snyk.co/ugLYl
📱 Connect with Us 📱
🖥️ Website: https://snyk.co/ugLYl
🐦 X: http://twitter.com/snyksec
💼 LinkedIn: https://www.linkedin.com/company/snyk
💬 Discord: https://discord.gg/devsecops-community-918181751526948884
📺 Subscribe: https://www.youtube.com/c/SnykSec
🔥 We're hiring! Check our open roles: https://snyk.co/ugLYp