Research CVE-2025-29927: Critical Next.js Middleware Authentication Bypass Actively Exploited in the Wild CVE-2025-29927 exposes millions of Next.js applications to full authentication bypass via a malicious request header, with active exploitation confirmed in the wild. Quantnest Radar team Mar 15, 2026 7 min read
