Next.js and the corrupt middleware: the authorizing artifact
Published in zhero_web_security, 2025
CVE-2025-29927
Research & Things
Nuxt, show me your payload - a basic CP DoS
Published in zhero_web_security, 2025
CVE-2025-27415
Next.js, cache, and chains: the stale elixir
Published in zhero_web_security, 2025
CVE-2024-46982
Next.js and cache poisoning: a quest for the black hole
Published in zhero_web_security, 2024
CVE-2024-XXXX
WAF as a weapon and DOS as a bullet
Published in zhero_web_security, 2024