From 1d32c29fcaf466a577b05f3ef2608507647516f9 Mon Sep 17 00:00:00 2001
From: Chris Tate <ctate@users.noreply.github.com>
Date: Thu, 11 Dec 2025 17:24:03 -0600
Subject: [PATCH] fix: upgrade Next.js to 15.2.7 (CVE-2025-55182)

This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f67158d372..81a0804b63 100644
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
     "gray-matter": "^4.0.2",
     "hast-util-from-html-isomorphic": "^2.0.0",
     "image-size": "2.0.1",
-    "next": "15.2.4",
+    "next": "15.2.7",
     "next-contentlayer2": "0.5.5",
     "next-themes": "^0.4.6",
     "pliny": "0.4.1",