Skip to content

Commit b4c3bc7

Browse files
suisusssuisuss
committed
fix: upgrade next 16.0.1 -> 16.0.7 (CVE-2025-66478)
Critical security fix for Remote Code Execution vulnerability in React Server Components. CVSS: 10.0 (Critical) References: - https://nextjs.org/blog/CVE-2025-66478 - https://react2shell.com/
1 parent d216804 commit b4c3bc7

File tree

2 files changed

+57
-56
lines changed

2 files changed

+57
-56
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@
4545
"lucide-react": "^0.552.0",
4646
"motion": "^12.23.24",
4747
"nanoid": "^5.1.6",
48-
"next": "16.0.1",
48+
"next": "16.0.7",
4949
"next-themes": "^0.4.6",
5050
"openai": "^6.8.1",
5151
"postgres": "^3.4.7",

pnpm-lock.yaml

Lines changed: 56 additions & 55 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)