Share
## https://sploitus.com/exploit?id=7A64C165-19B6-5A17-B654-02AE31BF57F1
# CVE-2025-29927 โ€” Next.js Middleware Authentication Bypass

## Overview

Imagine a bouncer in front of the club, but if you tell him "I'm already in," he lets you pass without checking. That's exactly what CVE-2025-29927 is.

Middleware in Next.js runs before a request is processed, making it the ideal place to handle authentication. Next.js uses an internal `x-middleware-subrequest` header to prevent recursive requests and avoid infinite loops. This vulnerability demonstrates that it's possible to bypass or skip middleware execution entirely โ€” including critical security checks like authentication before reaching a protected route.

---

## Affected Versions

| Branch | Fixed in |
|--------|----------|
| 15.x   | /" \
  -H "X-Middleware-Subrequest: middleware:middleware:middleware:middleware:middleware"
```

---

## Fix

Upgrade Next.js to a patched version:

- `15.x` โ†’ **15.2.3** or higher
- `14.x` โ†’ **14.2.25** or higher
- `13.x` โ†’ **13.5.9** or higher