• Next.js and the corrupt middleware: the authorizing artifact https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware 35 comments 23/3/2025
• Show HN: Cotter – Authenticate and authorize users without passwords in Next.js https://blog.cotter.app/passwordless-login-with-email-and-json-web-token-jwt-authentication-with-nextjs/ 3 comments 15/12/2020

• How to: Authorization in Next.js https://www.robinwieruch.de/next-authorization/ 5 comments 26/3/2025 reactjs
• CVE-2025-29927: Authorization Bypass in Next.js Middleware https://nextjs.org/blog/cve-2025-29927 42 comments 23/3/2025 reactjs
• Critical flaw in Next.js lets hackers bypass authorization https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/ 86 comments 24/3/2025 webdev
• Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass - ZeroPath Blog https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass 114 comments 22/3/2025 programming