fix(security): patch CVE-2025-66478 Next.js RCE vulnerability (#736)

ben-vargas · web-flow · commit 183341420395 · 2025-12-08T00:34:21.000Z
diff --git a/examples/nextjs/package.json b/examples/nextjs/package.json
@@ -16,7 +16,7 @@
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "lucide-react": "^0.515.0",
-    "next": "15.4.7",
+    "next": "15.4.8",
     "react": "^19.0.0",
     "react-dom": "^19.0.0",
     "tailwind-merge": "^3.3.1",
diff --git a/examples/realtime-next/package.json b/examples/realtime-next/package.json
@@ -13,7 +13,7 @@
     "@radix-ui/react-slot": "^1.2.3",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "next": "15.4.7",
+    "next": "15.4.8",
     "react": "^19.0.0",
     "react-dom": "^19.0.0",
     "tailwind-merge": "^3.3.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
