Next.js and the corrupt middleware: the authorizing artifact
CVE-2025-29927
zhero-web-sec.github.io