What is the CVSS score of CVE-2025-57822?

CVE-2025-57822 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N. EPSS exploitation probability: 5.6%.

Which versions of Next.js are affected by CVE-2025-57822?

Organizations using Next.js should be aware of notable risk from CVE-2025-57822, a server-side request forgery vulnerability rated CVSS 6.5. Users could be tricked into performing unintended actions.. A patch is available.

Is there a public PoC exploit available for CVE-2025-57822?

Yes, a public proof-of-concept exploit is available for CVE-2025-57822. Prioritise patching immediately. EPSS: 5.6%.

How to fix or mitigate CVE-2025-57822?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Next.js CVE-2025-57822

MEDIUM

Server-Side Request Forgery (SSRF) (CWE-918)

2025-08-29 security-advisories@github.com

SSRF Next.js

6.5

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

6.5 MEDIUM

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:09 vuln.today

Patch released

Mar 28, 2026 - 19:09 nvd

Patch available

CVE Published

Aug 29, 2025 - 22:15 nvd

MEDIUM 6.5

DescriptionGitHub Advisory

Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function.

AnalysisAI

Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Technical ContextAI

This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function. Affected products include: Vercel Next.Js.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.

CVE-2025-57822 vulnerability details – vuln.today

Back

Next.js CVE-2025-57822

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code