Next.js

vercel/next.js last check 179 releases
Notes
no notes yet
Release notes
v15.2.4 · 1y+
view on github

> [!NOTE]
> This release is backporting bug fixes. It does not include all pending features/changes on canary. > This release contains a security patch for CVE-2025-29927.

Core Changes

  • Match subrequest handling for edge and node (#77474)
  • exclude images and static media from dev origin check (#77417)
  • ensure /__next middleware URLs are included in the origin check (#77416)
  • remove direct ip/port bypass in dev origin check (#77414)
  • switch development origin verification to be opt-in rather than opt-out (#77395)

Credits

Huge thanks to @ijjk and @ztanner for helping!