CVE-2025-57822
MEDIUM NUCLEINext.js < 14.2.32 - Server-Side Request Forgery via next() Function
Title source: llmExploitation Summary
CVE-2025-57822 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function.
Nuclei Templates (1)
Next.js Middleware - Server-Side Request Forgery
MEDIUMVERIFIEDby prdngr,nicolas-latacora
Shodan:
cpe:"cpe:2.3:a:zeit:next.js" || http.html:"/_next/static"
FOFA:
body="/_next/static"
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/vercel/next.js/security/advisories/GHSA-4342-x723-ch2f
Patch x_refsource_misc
https://github.com/vercel/next.js/commit/9c9aaed5bb9338ef31b0517ccf0ab4414f2093d8
Mitigation, Vendor Advisory x_refsource_misc
https://vercel.com/changelog/cve-2025-57822
Scores
CVSS v3
6.5
EPSS
0.0781
EPSS Percentile
92.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (2)
npm/next
0.9.9 - 14.2.32npm
vercel/next.js
< 14.2.32
Published
Aug 29, 2025
Tracked Since
Feb 18, 2026