NextJs Servers Hacked ?

Unanswered

Smalandstövare posted this in #help-forum

SmalandstövareOP

2025-12-25T08:24:24.104Z

Do anybody know about this ? Can this cause security issue with existing NextJs version ?

News Source - https://cybersecuritynews.com/pcpcat-hacked-next-js-servers/

I'm not sure which location servers were these.

6 Replies

@Smalandstövare Do anybody know about this ? Can this cause security issue with existing NextJs version ? News Source - https://cybersecuritynews.com/pcpcat-hacked-next-js-servers/ I'm not sure which location servers were these.

B33fb0n3

2025-12-25T08:58:37.772Z

yea, CVE-2025-29927 was a vulnability in nextjs and it got fixed in future versions. Depending on what your "existing nextjs version" is, it might be already fixed for you

B33fb0n3

2025-12-27T10:04:03.497Z

@Smalandstövaresolved?

SmalandstövareOP

2025-12-27T10:06:20.994Z

Version upgrade is still in progress. Literally 100 developers worked on this finance project.. Too many dependencies not compatible with latest NextJs.

@Smalandstövare Version upgrade is still in progress. Literally 100 developers worked on this finance project.. Too many dependencies not compatible with latest NextJs.

B33fb0n3

2025-12-27T10:23:51.023Z

There are "patches" that are published. You can just keep your major version and just upgrade to the patch. There are no breaking changes

SmalandstövareOP

2025-12-27T16:31:38.100Z

Yeah

@Smalandstövare Yeah

B33fb0n3

2025-12-29T08:16:55.797Z

so why having issues with upgrading?