{"id":3724,"date":"2025-07-08T04:47:44","date_gmt":"2025-07-08T04:47:44","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3724"},"modified":"2025-07-08T04:50:57","modified_gmt":"2025-07-08T04:50:57","slug":"critical-next-js-cache-poisoning-vulnerability-cve-2025-49826","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/","title":{"rendered":"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">CVE-2025-49826 is a serious vulnerability in Next.js, a widely used web framework based on the React platform. This vulnerability enables attackers to poison the cache and redirect users to blank pages.&nbsp;This results in a <a href=\"https:\/\/certera.com\/blog\/largest-ddos-attacks-reported-till-today\/\">denial-of-service (DoS) attack<\/a>. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This vulnerability affects <strong>Next.js versions 15.1.0 to 15.1.7<\/strong>. 
The cache poisoning occurs when conflicting cache settings are used together with improper handling of HTTP 204 (No Content).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-next-js-cache-poisoning-flaw\">Next.js Cache Poisoning Flaw<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Affected Framework:<\/strong> Next.js (React-based)<\/li>\n\n\n\n<li><strong>Vulnerability ID:<\/strong> CVE-2025-49826<\/li>\n\n\n\n<li><strong>Severity:<\/strong> High (CVSS 7.5)<\/li>\n\n\n\n<li><strong>Impact:<\/strong> Denial of Service (DoS) via cache poisoning<\/li>\n\n\n\n<li><strong>Versions Affected:<\/strong> 15.1.0 to &lt;15.1.8<\/li>\n\n\n\n<li><strong>Fixed In:<\/strong> 15.1.8, 15.2.0<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-does-this-vulnerability-work\">How Does This Vulnerability Work?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The bug happens when:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The app uses Incremental Static Regeneration (ISR) with cache revalidation.<\/li>\n\n\n\n<li>The app uses Server-Side Rendering (SSR).<\/li>\n\n\n\n<li>A CDN caches HTTP 204 responses.<\/li>\n\n\n\n<li>The app runs on Next.js 15.1.0 to 15.1.7.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Attackers force a blank 204 response into the cache. All users then get empty pages, leading to a DoS condition.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/certera.com\/blog\/cloudflare-blocks-largest-ddos-attack-ever-7-3-tbps-and-37-4-tb-in-just-45-seconds\/\">Cloudflare Blocks Largest DDoS Attack Ever: 7.3 Tbps and 37.4 TB in Just 45 Seconds<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-was-it-fixed\">How Was It Fixed?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The Next.js team took swift action. 
They:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Removed the code that allowed 204 responses in the cache.<\/li>\n\n\n\n<li>Fixed a race condition that caused improper caching.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-patch-versions\">Patch Versions:<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Version Type<\/strong><\/td><td><strong>Fixed Version<\/strong><\/td><\/tr><tr><td>Patch release<\/td><td>15.1.8<\/td><\/tr><tr><td>Enhanced fix<\/td><td>15.2.0<\/td><\/tr><tr><td>Older major version backport<\/td><td>15.0.4<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-should-developers-do-now\">What Should Developers Do Now?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-upgrade-immediately\">Upgrade Immediately<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>If on 15.1.0 to 15.1.7, <strong>move to 15.1.8 or 15.2.0+<\/strong>.<\/li>\n\n\n\n<li>If on older major versions, ensure you\u2019re using 15.0.4 or below.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-review-cdn-settings\">Review CDN Settings<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Don\u2019t cache 204 responses on critical routes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-monitor\">Monitor<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Watch logs for unexpected 204 patterns.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Vercel-hosted apps are safe as their CDN blocks this attack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-why-is-this-important\">Why Is This Important?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Contemporary frameworks utilize advanced caching mechanisms designed to improve the performance and speed of sites, but it is useful to note that vulnerabilities in their caching logic, as in this example, could be exploited to conduct catastrophic DoS attacks at scale. 
<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/certera.com\/blog\/critical-openssh-vulnerabilities-expose-systems-to-mitm-and-dos-attacks\/\">Critical OpenSSH Vulnerabilities Expose Systems to MitM and DoS Attacks<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Therefore, it is vital that senior developers and architects enhance their awareness of caching and review their cache rules on a regular basis.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-risk-factors-table\">Risk Factors Table<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Factor<\/strong><\/td><td><strong>Details<\/strong><\/td><\/tr><tr><td>Impact<\/td><td>Blank pages cause site blackout<\/td><\/tr><tr><td>Conditions<\/td><td>Next.js 15.1.0-15.1.7 + ISR + SSR + CDN caching 204<\/td><\/tr><tr><td>CVSS Score<\/td><td>7.5 (High)<\/td><\/tr><tr><td>Exploitable By<\/td><td>Poisoned cache with 204 response<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-to-prevent-this-type-of-vulnerability-and-attack\">How to Prevent this Type of Vulnerability and Attack?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Don&#8217;t let cache poisoning or Denial of Service (DoS) attacks threaten your business. 
<a href=\"https:\/\/certera.com\/sitelock\">SiteLock<\/a> delivers comprehensive, automated security to automatically scan, detect, and fix threats (cache poisoning, ransomware, malicious code, and more) as they arise.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Daily Vulnerability Scanning<\/li>\n\n\n\n<li>Automatic Malware Removal<\/li>\n\n\n\n<li>Web Application Firewall (WAF)<\/li>\n\n\n\n<li>DDoS Protection &amp; CDN Optimization<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Get started with <a href=\"https:\/\/certera.com\/sitelock\">SiteLock<\/a> now and secure your Next.js apps from hidden risks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE-2025-49826 is a serious vulnerability in Next.js, a widely used web framework based on the React platform. This vulnerability enables attackers to poison the cache and redirect users to blank pages.&nbsp;This results in a denial-of-service (DoS) attack. This vulnerability affects Next.js versions 15.1.0 to 15.1.7. 
The cache poisoning occurs when conflicting cache settings are used<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3726,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31,32],"tags":[711,710],"class_list":["post-3724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attack","category-vulnerability","tag-cve-2025-49826","tag-next-js-cache-poisoning-vulnerability","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.6 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Critical Next.js Cache Poisoning Vulnerability (CVE-2025-49826)<\/title>\n<meta name=\"description\" content=\"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS Condition.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826\" \/>\n<meta property=\"og:description\" content=\"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS Condition.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" 
\/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-08T04:47:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-08T04:50:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826\",\"datePublished\":\"2025-07-08T04:47:44+00:00\",\"dateModified\":\"2025-07-08T04:50:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/\"},\"wordCount\":450,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp\",\"keywords\":[\"CVE-2025-49826\",\"Next.js Cache Poisoning Vulnerability\"],\"articleSection\":[\"Cyber 
Attack\",\"Vulnerability\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#respond\"]}],\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/\",\"name\":\"Critical Next.js Cache Poisoning Vulnerability (CVE-2025-49826)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp\",\"datePublished\":\"2025-07-08T04:47:44+00:00\",\"dateModified\":\"2025-07-08T04:50:57+00:00\",\"description\":\"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS 
Condition.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp\",\"width\":960,\"height\":620,\"caption\":\"Next.js Cache Poisoning Vulnerability\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence 
Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki 
Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. 
-->","yoast_head_json":{"title":"Critical Next.js Cache Poisoning Vulnerability (CVE-2025-49826)","description":"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS Condition.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/","og_locale":"en_US","og_type":"article","og_title":"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826","og_description":"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS Condition.","og_url":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2025-07-08T04:47:44+00:00","article_modified_time":"2025-07-08T04:50:57+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826","datePublished":"2025-07-08T04:47:44+00:00","dateModified":"2025-07-08T04:50:57+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/"},"wordCount":450,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp","keywords":["CVE-2025-49826","Next.js Cache Poisoning Vulnerability"],"articleSection":["Cyber Attack","Vulnerability"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/","url":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/","name":"Critical Next.js Cache Poisoning Vulnerability 
(CVE-2025-49826)","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp","datePublished":"2025-07-08T04:47:44+00:00","dateModified":"2025-07-08T04:50:57+00:00","description":"A critical security Cache Poisoning Vulnerability (CVE-2025-49826) discovered in Next.js, allowing attackers to trigger a DoS Condition.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/07\/nextjs-cache-poisoning-vulnerability-CVE-2025-49826.webp","width":960,"height":620,"caption":"Next.js Cache Poisoning Vulnerability"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/critical-next-js-cache-poisoning-vulnerability-cve-2025-49826\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & 
Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate 
Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3724"}],"version-history":[{"count":4,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3724\/revisions"}],"predecessor-version":[{"id":3731,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3724\/revisions\/3731"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3726"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}