mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-12-26 14:15:32 +01:00
Code Issues Projects Releases Packages Wiki Activity
PoC-in-GitHub/2025/CVE-2025-29927.json
motikan2010-bot 8960d0ab80 Auto Update 2025/12/01 00:43:02
2025-12-01 09:43:02 +09:00

3517 lines
No EOL
121 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 953117790,
"name": "test-cve-2025-29927",
"full_name": "serhalp\/test-cve-2025-29927",
"owner": {
"login": "serhalp",
"id": 1377702,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1377702?v=4",
"html_url": "https:\/\/github.com\/serhalp",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/serhalp\/test-cve-2025-29927",
"description": "Verify Next.js CVE-2025-29927 on Netlify not vulnerable",
"fork": false,
"created_at": "2025-03-22T15:58:02Z",
"updated_at": "2025-05-08T21:46:32Z",
"pushed_at": "2025-06-14T17:07:34Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 953177859,
"name": "CVE-2025-29927",
"full_name": "Ademking\/CVE-2025-29927",
"owner": {
"login": "Ademking",
"id": 12462188,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12462188?v=4",
"html_url": "https:\/\/github.com\/Ademking",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Ademking\/CVE-2025-29927",
"description": "Next.js Middleware Authorization Bypass",
"fork": false,
"created_at": "2025-03-22T18:42:27Z",
"updated_at": "2025-10-04T14:02:29Z",
"pushed_at": "2025-03-23T19:15:53Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 953378403,
"name": "nextjs-CVE-2025-29927",
"full_name": "6mile\/nextjs-CVE-2025-29927",
"owner": {
"login": "6mile",
"id": 7798480,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7798480?v=4",
"html_url": "https:\/\/github.com\/6mile",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/6mile\/nextjs-CVE-2025-29927",
"description": "A Nuclei template to detect CVE-2025-29927 the Next.js authentication bypass vulnerability",
"fork": false,
"created_at": "2025-03-23T08:11:09Z",
"updated_at": "2025-10-10T19:55:44Z",
"pushed_at": "2025-03-23T23:14:15Z",
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 16,
"score": 0,
"subscribers_count": 0
},
{
"id": 953386148,
"name": "nextjs-cve-2025-29927-poc",
"full_name": "azu\/nextjs-cve-2025-29927-poc",
"owner": {
"login": "azu",
"id": 19714,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19714?v=4",
"html_url": "https:\/\/github.com\/azu",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/azu\/nextjs-cve-2025-29927-poc",
"description": "Next.js PoC for CVE-2025-29927",
"fork": false,
"created_at": "2025-03-23T08:37:25Z",
"updated_at": "2025-09-20T21:27:49Z",
"pushed_at": "2025-03-24T11:57:38Z",
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"next",
"security"
],
"visibility": "public",
"forks": 1,
"watchers": 14,
"score": 0,
"subscribers_count": 1
},
{
"id": 953400056,
"name": "vulnerable-nextjs-14-CVE-2025-29927",
"full_name": "lirantal\/vulnerable-nextjs-14-CVE-2025-29927",
"owner": {
"login": "lirantal",
"id": 316371,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/316371?v=4",
"html_url": "https:\/\/github.com\/lirantal",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/lirantal\/vulnerable-nextjs-14-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-23T09:22:35Z",
"updated_at": "2025-10-12T03:49:38Z",
"pushed_at": "2025-03-23T09:36:03Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},
{
"id": 953455436,
"name": "CVE-2025-29927",
"full_name": "aydinnyunus\/CVE-2025-29927",
"owner": {
"login": "aydinnyunus",
"id": 52822869,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52822869?v=4",
"html_url": "https:\/\/github.com\/aydinnyunus",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/aydinnyunus\/CVE-2025-29927",
"description": "CVE-2025-29927 Proof of Concept",
"fork": false,
"created_at": "2025-03-23T12:13:35Z",
"updated_at": "2025-11-30T20:20:17Z",
"pushed_at": "2025-03-23T19:46:53Z",
"stargazers_count": 91,
"watchers_count": 91,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 28,
"watchers": 91,
"score": 0,
"subscribers_count": 1
},
{
"id": 953545645,
"name": "poc-nextjs-CVE-2025-29927",
"full_name": "ticofookfook\/poc-nextjs-CVE-2025-29927",
"owner": {
"login": "ticofookfook",
"id": 99700348,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4",
"html_url": "https:\/\/github.com\/ticofookfook",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ticofookfook\/poc-nextjs-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-23T16:04:50Z",
"updated_at": "2025-03-23T23:56:59Z",
"pushed_at": "2025-03-23T23:56:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 953560657,
"name": "cve-2025-29927-demo",
"full_name": "t3tra-dev\/cve-2025-29927-demo",
"owner": {
"login": "t3tra-dev",
"id": 115448016,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115448016?v=4",
"html_url": "https:\/\/github.com\/t3tra-dev",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/t3tra-dev\/cve-2025-29927-demo",
"description": "Next.js における認可バイパスの脆弱性 CVE-2025-29927 を再現するデモです。",
"fork": false,
"created_at": "2025-03-23T16:41:47Z",
"updated_at": "2025-10-06T07:25:29Z",
"pushed_at": "2025-03-28T15:16:47Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"demo",
"nextjs",
"vulnerability"
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 953629777,
"name": "CVE-2025-29927-PoC-Exploit",
"full_name": "websecnl\/CVE-2025-29927-PoC-Exploit",
"owner": {
"login": "websecnl",
"id": 20278695,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20278695?v=4",
"html_url": "https:\/\/github.com\/websecnl",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/websecnl\/CVE-2025-29927-PoC-Exploit",
"description": "Proof-of-Concept for Authorization Bypass in Next.js Middleware",
"fork": false,
"created_at": "2025-03-23T19:41:05Z",
"updated_at": "2025-10-08T14:21:41Z",
"pushed_at": "2025-03-23T21:05:20Z",
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2025-29927"
],
"visibility": "public",
"forks": 4,
"watchers": 17,
"score": 0,
"subscribers_count": 1
},
{
"id": 953668703,
"name": "CVE-2025-29927-POC",
"full_name": "MuhammadWaseem29\/CVE-2025-29927-POC",
"owner": {
"login": "MuhammadWaseem29",
"id": 161931698,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4",
"html_url": "https:\/\/github.com\/MuhammadWaseem29",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/MuhammadWaseem29\/CVE-2025-29927-POC",
"description": "Authorization Bypass in Next.js Middleware",
"fork": false,
"created_at": "2025-03-23T21:42:09Z",
"updated_at": "2025-11-07T15:16:05Z",
"pushed_at": "2025-03-23T22:12:25Z",
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"bugbounty",
"cve-2025-29927",
"cyber-security",
"nextjs",
"npm"
],
"visibility": "public",
"forks": 2,
"watchers": 6,
"score": 0,
"subscribers_count": 1
},
{
"id": 953797642,
"name": "nextjs-vulnerable-app",
"full_name": "strobes-security\/nextjs-vulnerable-app",
"owner": {
"login": "strobes-security",
"id": 179111281,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179111281?v=4",
"html_url": "https:\/\/github.com\/strobes-security",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/strobes-security\/nextjs-vulnerable-app",
"description": "CVE-2025-29927 lab",
"fork": false,
"created_at": "2025-03-24T05:05:11Z",
"updated_at": "2025-11-23T09:05:21Z",
"pushed_at": "2025-03-24T05:06:52Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 3,
"score": 0,
"subscribers_count": 0
},
{
"id": 953798267,
"name": "CVE-2025-29927",
"full_name": "RoyCampos\/CVE-2025-29927",
"owner": {
"login": "RoyCampos",
"id": 38510774,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38510774?v=4",
"html_url": "https:\/\/github.com\/RoyCampos",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/RoyCampos\/CVE-2025-29927",
"description": "CVE-2025-29927 Exploit Checker",
"fork": false,
"created_at": "2025-03-24T05:07:02Z",
"updated_at": "2025-04-09T00:56:40Z",
"pushed_at": "2025-03-24T16:50:24Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"score": 0,
"subscribers_count": 0
},
{
"id": 953872810,
"name": "nextjs-middleware-bypass-demo",
"full_name": "fourcube\/nextjs-middleware-bypass-demo",
"owner": {
"login": "fourcube",
"id": 4704176,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4704176?v=4",
"html_url": "https:\/\/github.com\/fourcube",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/fourcube\/nextjs-middleware-bypass-demo",
"description": "Demo for Next.js middleware bypass - CVE-2025-29927",
"fork": false,
"created_at": "2025-03-24T08:07:03Z",
"updated_at": "2025-06-11T03:22:31Z",
"pushed_at": "2025-03-24T08:10:04Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},
{
"id": 953913507,
"name": "CVE-2025-29927",
"full_name": "iSee857\/CVE-2025-29927",
"owner": {
"login": "iSee857",
"id": 73977770,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4",
"html_url": "https:\/\/github.com\/iSee857",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/iSee857\/CVE-2025-29927",
"description": "Next.Js 权限绕过漏洞(CVE-2025-29927)",
"fork": false,
"created_at": "2025-03-24T09:27:03Z",
"updated_at": "2025-04-01T08:46:51Z",
"pushed_at": "2025-04-01T08:46:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2025-29927"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 953984054,
"name": "POC-CVE-2025-29927",
"full_name": "Eve-SatOrU\/POC-CVE-2025-29927",
"owner": {
"login": "Eve-SatOrU",
"id": 84472102,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84472102?v=4",
"html_url": "https:\/\/github.com\/Eve-SatOrU",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Eve-SatOrU\/POC-CVE-2025-29927",
"description": "CVE-2025-29927 Proof of Concept",
"fork": false,
"created_at": "2025-03-24T11:42:14Z",
"updated_at": "2025-03-30T16:00:13Z",
"pushed_at": "2025-03-26T12:25:35Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 954039309,
"name": "next-CVE-2025-29927",
"full_name": "arvion-agent\/next-CVE-2025-29927",
"owner": {
"login": "arvion-agent",
"id": 195955104,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/195955104?v=4",
"html_url": "https:\/\/github.com\/arvion-agent",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/arvion-agent\/next-CVE-2025-29927",
"description": "CVE-2025-29927 Authorization Bypass in Next.js Middleware",
"fork": false,
"created_at": "2025-03-24T13:23:46Z",
"updated_at": "2025-04-26T19:53:30Z",
"pushed_at": "2025-03-24T14:31:23Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 954041221,
"name": "CVE-2025-29927",
"full_name": "Oyst3r1ng\/CVE-2025-29927",
"owner": {
"login": "Oyst3r1ng",
"id": 182589971,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182589971?v=4",
"html_url": "https:\/\/github.com\/Oyst3r1ng",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Oyst3r1ng\/CVE-2025-29927",
"description": "Next.js Middleware Auth Bypass",
"fork": false,
"created_at": "2025-03-24T13:27:13Z",
"updated_at": "2025-03-27T03:31:04Z",
"pushed_at": "2025-03-25T02:23:57Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 954113310,
"name": "CVE-2025-29927",
"full_name": "lem0n817\/CVE-2025-29927",
"owner": {
"login": "lem0n817",
"id": 172578979,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172578979?v=4",
"html_url": "https:\/\/github.com\/lem0n817",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/lem0n817\/CVE-2025-29927",
"description": "Next.js 中间件授权绕过漏洞测试环境 (CVE-2025-29927)",
"fork": false,
"created_at": "2025-03-24T15:25:22Z",
"updated_at": "2025-09-02T10:54:57Z",
"pushed_at": "2025-03-24T16:05:23Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 954149549,
"name": "CVE-2025-29927-test",
"full_name": "kuzushiki\/CVE-2025-29927-test",
"owner": {
"login": "kuzushiki",
"id": 50363796,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50363796?v=4",
"html_url": "https:\/\/github.com\/kuzushiki",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kuzushiki\/CVE-2025-29927-test",
"description": "CVE-2025-29927の検証",
"fork": false,
"created_at": "2025-03-24T16:27:17Z",
"updated_at": "2025-03-25T14:25:11Z",
"pushed_at": "2025-03-25T14:25:08Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 954237333,
"name": "CVE-2025-29927",
"full_name": "ricsirigu\/CVE-2025-29927",
"owner": {
"login": "ricsirigu",
"id": 5004093,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5004093?v=4",
"html_url": "https:\/\/github.com\/ricsirigu",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ricsirigu\/CVE-2025-29927",
"description": "A deliberately Next.js app, vulnerable to CVE-2025-29927, Authorization Bypass ",
"fork": false,
"created_at": "2025-03-24T19:13:35Z",
"updated_at": "2025-09-06T20:22:34Z",
"pushed_at": "2025-03-25T07:30:13Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 954239487,
"name": "CVE-2025-29927",
"full_name": "0xWhoknows\/CVE-2025-29927",
"owner": {
"login": "0xWhoknows",
"id": 57815920,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57815920?v=4",
"html_url": "https:\/\/github.com\/0xWhoknows",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xWhoknows\/CVE-2025-29927",
"description": "Async Python scanner for Next.js CVE-2025-29927. Uses aiohttp & aiofiles to efficiently process large URL lists, detect vulnerabilities, and save results. Features connection pooling, caching, and chunked processing for fast performance",
"fork": false,
"created_at": "2025-03-24T19:18:20Z",
"updated_at": "2025-04-22T01:01:32Z",
"pushed_at": "2025-03-24T19:23:24Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2025",
"cve-2025-29927",
"cve-scanning",
"cve-search",
"nextjs"
],
"visibility": "public",
"forks": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 954329674,
"name": "CVE-2025-29927-Sigma-Rule",
"full_name": "elshaheedy\/CVE-2025-29927-Sigma-Rule",
"owner": {
"login": "elshaheedy",
"id": 124810592,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124810592?v=4",
"html_url": "https:\/\/github.com\/elshaheedy",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/elshaheedy\/CVE-2025-29927-Sigma-Rule",
"description": "Sigma Rule for CVE-202529927 Detection",
"fork": false,
"created_at": "2025-03-24T23:13:43Z",
"updated_at": "2025-03-24T23:16:52Z",
"pushed_at": "2025-03-24T23:16:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954387825,
"name": "CVE-2025-29927",
"full_name": "furmak331\/CVE-2025-29927",
"owner": {
"login": "furmak331",
"id": 145181976,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145181976?v=4",
"html_url": "https:\/\/github.com\/furmak331",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/furmak331\/CVE-2025-29927",
"description": "Critical vulnerability in next.js : Bypass middleware authentication",
"fork": false,
"created_at": "2025-03-25T02:20:36Z",
"updated_at": "2025-04-12T00:38:32Z",
"pushed_at": "2025-04-12T00:38:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954471818,
"name": "ghost-route",
"full_name": "takumade\/ghost-route",
"owner": {
"login": "takumade",
"id": 42911769,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42911769?v=4",
"html_url": "https:\/\/github.com\/takumade",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/takumade\/ghost-route",
"description": "Ghost Route detects if a Next JS site is vulnerable to the corrupt middleware bypass bug (CVE-2025-29927)",
"fork": false,
"created_at": "2025-03-25T06:14:15Z",
"updated_at": "2025-07-12T19:05:58Z",
"pushed_at": "2025-03-28T16:58:40Z",
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2025-29927",
"nextjs",
"python",
"security",
"vulnerability-scanner"
],
"visibility": "public",
"forks": 0,
"watchers": 9,
"score": 0,
"subscribers_count": 1
},
{
"id": 954499880,
"name": "Next.js-CVE-2025-29927",
"full_name": "0xPb1\/Next.js-CVE-2025-29927",
"owner": {
"login": "0xPb1",
"id": 82134963,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82134963?v=4",
"html_url": "https:\/\/github.com\/0xPb1",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xPb1\/Next.js-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-25T07:15:36Z",
"updated_at": "2025-03-25T07:17:44Z",
"pushed_at": "2025-03-25T07:17:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954555389,
"name": "cve-2025-29927",
"full_name": "jeymo092\/cve-2025-29927",
"owner": {
"login": "jeymo092",
"id": 84963588,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84963588?v=4",
"html_url": "https:\/\/github.com\/jeymo092",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jeymo092\/cve-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-25T09:06:00Z",
"updated_at": "2025-03-25T10:06:17Z",
"pushed_at": "2025-03-25T10:06:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954600589,
"name": "CVE-2025-29927-PoC",
"full_name": "alihussainzada\/CVE-2025-29927-PoC",
"owner": {
"login": "alihussainzada",
"id": 181482329,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181482329?v=4",
"html_url": "https:\/\/github.com\/alihussainzada",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/alihussainzada\/CVE-2025-29927-PoC",
"description": "PoC for CVE-2025-29927: Next.js Middleware Bypass Vulnerability. Demonstrates how x-middleware-subrequest can bypass authentication checks. Includes Docker setup for testing.",
"fork": false,
"created_at": "2025-03-25T10:30:55Z",
"updated_at": "2025-11-09T13:53:31Z",
"pushed_at": "2025-03-25T10:38:24Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 954634803,
"name": "CVE-2025-29927-Testing",
"full_name": "TheresAFewConors\/CVE-2025-29927-Testing",
"owner": {
"login": "TheresAFewConors",
"id": 31410218,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31410218?v=4",
"html_url": "https:\/\/github.com\/TheresAFewConors",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/TheresAFewConors\/CVE-2025-29927-Testing",
"description": "PowerShell script to test if a web app is vulnerable to CVE-2025-29927",
"fork": false,
"created_at": "2025-03-25T11:39:14Z",
"updated_at": "2025-08-24T00:07:50Z",
"pushed_at": "2025-06-04T09:50:44Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2025-29927",
"exploit",
"powershell",
"vulnerability"
],
"visibility": "public",
"forks": 2,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 954690188,
"name": "next.js_cve-2025-29927",
"full_name": "0xPThree\/next.js_cve-2025-29927",
"owner": {
"login": "0xPThree",
"id": 108757172,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108757172?v=4",
"html_url": "https:\/\/github.com\/0xPThree",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xPThree\/next.js_cve-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-25T13:21:15Z",
"updated_at": "2025-03-26T07:37:22Z",
"pushed_at": "2025-03-26T07:37:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954769467,
"name": "cve-2025-29927",
"full_name": "0xcucumbersalad\/cve-2025-29927",
"owner": {
"login": "0xcucumbersalad",
"id": 39252817,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39252817?v=4",
"html_url": "https:\/\/github.com\/0xcucumbersalad",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xcucumbersalad\/cve-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-25T15:33:05Z",
"updated_at": "2025-05-16T12:56:27Z",
"pushed_at": "2025-05-16T12:56:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954852042,
"name": "CVE-2025-29927-check",
"full_name": "c0dejump\/CVE-2025-29927-check",
"owner": {
"login": "c0dejump",
"id": 29504335,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29504335?v=4",
"html_url": "https:\/\/github.com\/c0dejump",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/c0dejump\/CVE-2025-29927-check",
"description": "script to check cve \"CVE-2025-29927\" while waiting to add it to HExHTTP",
"fork": false,
"created_at": "2025-03-25T18:02:18Z",
"updated_at": "2025-03-26T21:56:15Z",
"pushed_at": "2025-03-26T21:56:12Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 954967696,
"name": "claude-create-CVE-2025-29927",
"full_name": "maronnjapan\/claude-create-CVE-2025-29927",
"owner": {
"login": "maronnjapan",
"id": 52373331,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52373331?v=4",
"html_url": "https:\/\/github.com\/maronnjapan",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/maronnjapan\/claude-create-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-25T22:36:14Z",
"updated_at": "2025-03-25T22:39:06Z",
"pushed_at": "2025-03-25T22:39:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 954996803,
"name": "poc-cve-2025-29927",
"full_name": "kOaDT\/poc-cve-2025-29927",
"owner": {
"login": "kOaDT",
"id": 17499022,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17499022?v=4",
"html_url": "https:\/\/github.com\/kOaDT",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kOaDT\/poc-cve-2025-29927",
"description": "This repository contains a proof of concept (POC) and an exploit script for CVE-2025-29927, a critical vulnerability in Next.js that allows attackers to bypass authorization checks implemented in middleware.",
"fork": false,
"created_at": "2025-03-26T00:12:41Z",
"updated_at": "2025-11-17T14:40:38Z",
"pushed_at": "2025-03-26T13:12:03Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2025-29927",
"cybersecurity",
"exploit",
"hacking",
"javascript",
"middleware",
"nextjs",
"poc",
"typescript",
"vercel",
"vulnerability"
],
"visibility": "public",
"forks": 3,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 955007037,
"name": "test-cve-2025-29927",
"full_name": "yugo-eliatrope\/test-cve-2025-29927",
"owner": {
"login": "yugo-eliatrope",
"id": 31237530,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31237530?v=4",
"html_url": "https:\/\/github.com\/yugo-eliatrope",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/yugo-eliatrope\/test-cve-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-26T00:47:44Z",
"updated_at": "2025-06-19T14:59:31Z",
"pushed_at": "2025-03-26T00:57:03Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 955163818,
"name": "CVE-2025-29927",
"full_name": "emadshanab\/CVE-2025-29927",
"owner": {
"login": "emadshanab",
"id": 10281631,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10281631?v=4",
"html_url": "https:\/\/github.com\/emadshanab",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/emadshanab\/CVE-2025-29927",
"description": "New nuclei CVE ",
"fork": false,
"created_at": "2025-03-26T07:56:23Z",
"updated_at": "2025-07-05T14:43:54Z",
"pushed_at": "2025-03-24T18:01:19Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
},
{
"id": 955434542,
"name": "CVE-2025-29927",
"full_name": "newweshi\/CVE-2025-29927",
"owner": {
"login": "newweshi",
"id": 169062599,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169062599?v=4",
"html_url": "https:\/\/github.com\/newweshi",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/newweshi\/CVE-2025-29927",
"description": "A touch of security",
"fork": false,
"created_at": "2025-03-26T16:24:15Z",
"updated_at": "2025-03-26T16:25:31Z",
"pushed_at": "2025-03-26T16:25:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 955519080,
"name": "CVE-2025-29927",
"full_name": "aleongx\/CVE-2025-29927",
"owner": {
"login": "aleongx",
"id": 201419689,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/201419689?v=4",
"html_url": "https:\/\/github.com\/aleongx",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/aleongx\/CVE-2025-29927",
"description": "Next.js Acceso no autorizado CVE-2025-29927",
"fork": false,
"created_at": "2025-03-26T19:08:14Z",
"updated_at": "2025-03-26T19:09:05Z",
"pushed_at": "2025-03-26T19:09:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 955619750,
"name": "next-attack",
"full_name": "nicknisi\/next-attack",
"owner": {
"login": "nicknisi",
"id": 293805,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/293805?v=4",
"html_url": "https:\/\/github.com\/nicknisi",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/nicknisi\/next-attack",
"description": "A demo of the CVE-2025-29927 vulnerability for a NebraskaJS lightning talk",
"fork": false,
"created_at": "2025-03-26T23:36:30Z",
"updated_at": "2025-09-22T03:38:35Z",
"pushed_at": "2025-03-26T23:36:54Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 955713682,
"name": "NextSecureScan",
"full_name": "jmbowes\/NextSecureScan",
"owner": {
"login": "jmbowes",
"id": 32311613,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32311613?v=4",
"html_url": "https:\/\/github.com\/jmbowes",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jmbowes\/NextSecureScan",
"description": "Next.js CVE-2025-29927 Vulnerability Scanner",
"fork": false,
"created_at": "2025-03-27T04:36:01Z",
"updated_at": "2025-03-27T04:45:27Z",
"pushed_at": "2025-03-27T04:45:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 955787535,
"name": "CVE-2025-29927_Scanner",
"full_name": "aleongx\/CVE-2025-29927_Scanner",
"owner": {
"login": "aleongx",
"id": 201419689,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/201419689?v=4",
"html_url": "https:\/\/github.com\/aleongx",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/aleongx\/CVE-2025-29927_Scanner",
"description": "Este script verifica la vulnerabilidad CVE-2025-29927 en servidores Next.js, probando múltiples cargas en la cabecera x-middleware-subrequest para detectar accesos no autorizados.",
"fork": false,
"created_at": "2025-03-27T07:41:26Z",
"updated_at": "2025-03-27T07:59:56Z",
"pushed_at": "2025-03-27T07:59:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 955815806,
"name": "CVE-2025-29927-exploit",
"full_name": "Nekicj\/CVE-2025-29927-exploit",
"owner": {
"login": "Nekicj",
"id": 94274071,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94274071?v=4",
"html_url": "https:\/\/github.com\/Nekicj",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Nekicj\/CVE-2025-29927-exploit",
"description": "next.js CVE-2025-29927 vulnerability exploit ",
"fork": false,
"created_at": "2025-03-27T08:42:03Z",
"updated_at": "2025-04-28T16:50:34Z",
"pushed_at": "2025-04-21T16:04:21Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 955859197,
"name": "CVE-2025-29927-PoC",
"full_name": "Heimd411\/CVE-2025-29927-PoC",
"owner": {
"login": "Heimd411",
"id": 144545054,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144545054?v=4",
"html_url": "https:\/\/github.com\/Heimd411",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Heimd411\/CVE-2025-29927-PoC",
"description": null,
"fork": false,
"created_at": "2025-03-27T10:06:07Z",
"updated_at": "2025-04-07T15:55:49Z",
"pushed_at": "2025-04-07T15:55:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 955909576,
"name": "PoC-for-Next.js-Middleware",
"full_name": "m2hcz\/PoC-for-Next.js-Middleware",
"owner": {
"login": "m2hcz",
"id": 202376560,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202376560?v=4",
"html_url": "https:\/\/github.com\/m2hcz",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/m2hcz\/PoC-for-Next.js-Middleware",
"description": "> 🔓 Proof-of-Concept for a fictional Next.js middleware bypass (CVE-2025-29927) — craft sub-requests to test protected routes.",
"fork": false,
"created_at": "2025-03-27T11:48:35Z",
"updated_at": "2025-07-09T02:58:15Z",
"pushed_at": "2025-07-05T13:23:46Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 955940032,
"name": "CVE-2025-29927-Research",
"full_name": "KaztoRay\/CVE-2025-29927-Research",
"owner": {
"login": "KaztoRay",
"id": 170967564,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170967564?v=4",
"html_url": "https:\/\/github.com\/KaztoRay",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/KaztoRay\/CVE-2025-29927-Research",
"description": "CVE-2025-29927에 대한 설명 및 리서치",
"fork": false,
"created_at": "2025-03-27T12:50:38Z",
"updated_at": "2025-11-25T22:16:51Z",
"pushed_at": "2025-03-27T12:53:11Z",
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 7,
"score": 0,
"subscribers_count": 0
},
{
"id": 955984617,
"name": "CVE-2025-29927-scanner",
"full_name": "nocomp\/CVE-2025-29927-scanner",
"owner": {
"login": "nocomp",
"id": 1720644,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1720644?v=4",
"html_url": "https:\/\/github.com\/nocomp",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/nocomp\/CVE-2025-29927-scanner",
"description": "python script for evaluate if you are vulnerable or not to next.js CVE-2025-29927",
"fork": false,
"created_at": "2025-03-27T14:11:09Z",
"updated_at": "2025-05-05T11:56:07Z",
"pushed_at": "2025-03-27T14:17:53Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 956292907,
"name": "CVE-2025-29927_demo",
"full_name": "yuzu-juice\/CVE-2025-29927_demo",
"owner": {
"login": "yuzu-juice",
"id": 121703872,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121703872?v=4",
"html_url": "https:\/\/github.com\/yuzu-juice",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/yuzu-juice\/CVE-2025-29927_demo",
"description": "This repository is for educational and research purposes.",
"fork": false,
"created_at": "2025-03-28T02:31:58Z",
"updated_at": "2025-03-28T03:07:01Z",
"pushed_at": "2025-03-28T03:06:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 956399187,
"name": "0xMiddleware",
"full_name": "luq0x\/0xMiddleware",
"owner": {
"login": "luq0x",
"id": 128091911,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128091911?v=4",
"html_url": "https:\/\/github.com\/luq0x",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/luq0x\/0xMiddleware",
"description": "CVE-2025-29927: Next.js Middleware Exploit",
"fork": false,
"created_at": "2025-03-28T07:31:36Z",
"updated_at": "2025-04-14T13:30:49Z",
"pushed_at": "2025-03-28T07:49:43Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 956502693,
"name": "NextSploit",
"full_name": "AnonKryptiQuz\/NextSploit",
"owner": {
"login": "AnonKryptiQuz",
"id": 180563491,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180563491?v=4",
"html_url": "https:\/\/github.com\/AnonKryptiQuz",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/AnonKryptiQuz\/NextSploit",
"description": "NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js",
"fork": false,
"created_at": "2025-03-28T11:09:25Z",
"updated_at": "2025-11-29T14:03:49Z",
"pushed_at": "2025-04-12T10:55:01Z",
"stargazers_count": 79,
"watchers_count": 79,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"anonymous",
"authentication-bypass",
"automation",
"cve-2025-29927",
"ethical-hacking",
"hacking",
"middleware-bypass",
"nextjs",
"penetration-testing",
"python",
"security-testing",
"vulnerability-scanner"
],
"visibility": "public",
"forks": 20,
"watchers": 79,
"score": 0,
"subscribers_count": 1
},
{
"id": 956863508,
"name": "CVE-2025-29927-PoC",
"full_name": "w2hcorp\/CVE-2025-29927-PoC",
"owner": {
"login": "w2hcorp",
"id": 205383830,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/205383830?v=4",
"html_url": "https:\/\/github.com\/w2hcorp",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/w2hcorp\/CVE-2025-29927-PoC",
"description": "Here is a simple but effective exploit for CVE-2025-29927.",
"fork": false,
"created_at": "2025-03-29T02:12:22Z",
"updated_at": "2025-04-03T11:46:11Z",
"pushed_at": "2025-03-29T15:58:46Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 956893496,
"name": "Automated-Next.js-Security-Scanner-for-CVE-2025-29927",
"full_name": "ferpalma21\/Automated-Next.js-Security-Scanner-for-CVE-2025-29927",
"owner": {
"login": "ferpalma21",
"id": 28832432,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28832432?v=4",
"html_url": "https:\/\/github.com\/ferpalma21",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ferpalma21\/Automated-Next.js-Security-Scanner-for-CVE-2025-29927",
"description": "This script scans a list of URLs to detect if they are using **Next.js** and determines whether they are vulnerable to **CVE-2025-29927**. It optionally attempts exploitation using a wordlist.",
"fork": false,
"created_at": "2025-03-29T04:13:06Z",
"updated_at": "2025-09-03T12:53:10Z",
"pushed_at": "2025-04-24T18:08:43Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 956973016,
"name": "CVE-2025-29927",
"full_name": "dante01yoon\/CVE-2025-29927",
"owner": {
"login": "dante01yoon",
"id": 6510430,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6510430?v=4",
"html_url": "https:\/\/github.com\/dante01yoon",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/dante01yoon\/CVE-2025-29927",
"description": "Next.js CVE-2025-29927 demonstration",
"fork": false,
"created_at": "2025-03-29T08:49:38Z",
"updated_at": "2025-03-30T14:27:36Z",
"pushed_at": "2025-03-30T14:27:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 957316110,
"name": "WebLab_CVE-2025-29927",
"full_name": "ayato-shitomi\/WebLab_CVE-2025-29927",
"owner": {
"login": "ayato-shitomi",
"id": 74812891,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74812891?v=4",
"html_url": "https:\/\/github.com\/ayato-shitomi",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ayato-shitomi\/WebLab_CVE-2025-29927",
"description": "Next.js Auth Bypass Lab CVE-2025-29927",
"fork": false,
"created_at": "2025-03-30T03:52:42Z",
"updated_at": "2025-03-30T06:50:38Z",
"pushed_at": "2025-03-30T06:50:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 957456093,
"name": "Vulnerable-Lab-NextJS-CVE-2025-29927",
"full_name": "Kamal-418\/Vulnerable-Lab-NextJS-CVE-2025-29927",
"owner": {
"login": "Kamal-418",
"id": 34186889,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34186889?v=4",
"html_url": "https:\/\/github.com\/Kamal-418",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Kamal-418\/Vulnerable-Lab-NextJS-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-03-30T12:24:15Z",
"updated_at": "2025-04-27T11:43:27Z",
"pushed_at": "2025-04-27T11:43:23Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 958639017,
"name": "cve-2025-29927-poc",
"full_name": "dedibagus\/cve-2025-29927-poc",
"owner": {
"login": "dedibagus",
"id": 70743513,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70743513?v=4",
"html_url": "https:\/\/github.com\/dedibagus",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/dedibagus\/cve-2025-29927-poc",
"description": "Authorization Bypass in Next.js Middleware",
"fork": false,
"created_at": "2025-04-01T14:20:04Z",
"updated_at": "2025-04-01T14:20:04Z",
"pushed_at": "2025-03-23T22:12:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 958679134,
"name": "CVE-2025-29927",
"full_name": "alastair66\/CVE-2025-29927",
"owner": {
"login": "alastair66",
"id": 51027461,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51027461?v=4",
"html_url": "https:\/\/github.com\/alastair66",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/alastair66\/CVE-2025-29927",
"description": "Next.js Middleware Bypass Vulnerability ",
"fork": false,
"created_at": "2025-04-01T15:30:21Z",
"updated_at": "2025-05-10T09:15:54Z",
"pushed_at": "2025-04-03T07:50:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 958791847,
"name": "CVE-2025-29927",
"full_name": "BilalGns\/CVE-2025-29927",
"owner": {
"login": "BilalGns",
"id": 107482424,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107482424?v=4",
"html_url": "https:\/\/github.com\/BilalGns",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/BilalGns\/CVE-2025-29927",
"description": "Next.js CVE-2025-29927 güvenlik açığı hakkında",
"fork": false,
"created_at": "2025-04-01T19:11:30Z",
"updated_at": "2025-04-01T19:12:42Z",
"pushed_at": "2025-04-01T19:12:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 958797312,
"name": "CVE-2025-29927",
"full_name": "JOOJIII\/CVE-2025-29927",
"owner": {
"login": "JOOJIII",
"id": 155279918,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155279918?v=4",
"html_url": "https:\/\/github.com\/JOOJIII",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/JOOJIII\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-01T19:23:52Z",
"updated_at": "2025-04-01T20:14:36Z",
"pushed_at": "2025-04-01T20:14:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 958996271,
"name": "Next.Js-middleware-bypass-vulnerability-CVE-2025-29927",
"full_name": "Naveen-005\/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927",
"owner": {
"login": "Naveen-005",
"id": 95097013,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95097013?v=4",
"html_url": "https:\/\/github.com\/Naveen-005",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Naveen-005\/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927",
"description": "A basic proof of concept of the CVE-2025-29927 vulnerability that allows to bypass the middleware scripts.",
"fork": false,
"created_at": "2025-04-02T05:19:35Z",
"updated_at": "2025-04-02T08:20:46Z",
"pushed_at": "2025-04-02T08:17:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2025-29927",
"cybersecurity",
"javascript",
"middleware",
"nextjs",
"proof-of-concept",
"vulnrabilities",
"websecurity"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 959356446,
"name": "cve-2025-29927",
"full_name": "Gokul-Krishnan-V-R\/cve-2025-29927",
"owner": {
"login": "Gokul-Krishnan-V-R",
"id": 143732362,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143732362?v=4",
"html_url": "https:\/\/github.com\/Gokul-Krishnan-V-R",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Gokul-Krishnan-V-R\/cve-2025-29927",
"description": "Next.js and the corrupt middleware...TRY TO HACK IT..!",
"fork": false,
"created_at": "2025-04-02T16:55:40Z",
"updated_at": "2025-04-03T16:36:21Z",
"pushed_at": "2025-04-02T17:03:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 960011728,
"name": "NextBypass",
"full_name": "fahimalshihab\/NextBypass",
"owner": {
"login": "fahimalshihab",
"id": 97816146,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97816146?v=4",
"html_url": "https:\/\/github.com\/fahimalshihab",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/fahimalshihab\/NextBypass",
"description": "Next.js Middleware Authorization Bypass Tool (CVE-2025-29927)",
"fork": false,
"created_at": "2025-04-03T18:02:25Z",
"updated_at": "2025-04-03T18:31:09Z",
"pushed_at": "2025-04-03T18:31:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 960442882,
"name": "NextJS_CVE-2025-29927",
"full_name": "sn1p3rt3s7\/NextJS_CVE-2025-29927",
"owner": {
"login": "sn1p3rt3s7",
"id": 28353619,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28353619?v=4",
"html_url": "https:\/\/github.com\/sn1p3rt3s7",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/sn1p3rt3s7\/NextJS_CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-04T12:50:43Z",
"updated_at": "2025-04-04T12:53:33Z",
"pushed_at": "2025-04-04T12:53:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 961059610,
"name": "cve-2025-29927",
"full_name": "Balajih4kr\/cve-2025-29927",
"owner": {
"login": "Balajih4kr",
"id": 152677288,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152677288?v=4",
"html_url": "https:\/\/github.com\/Balajih4kr",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Balajih4kr\/cve-2025-29927",
"description": "CVE-2025-29927 is a critical vulnerability in Next.js, a popular React-based web framework. The flaw exists in how the middleware feature handles certain internal headers — specifically, the x-middleware-subrequest header",
"fork": false,
"created_at": "2025-04-05T17:02:51Z",
"updated_at": "2025-04-05T17:11:34Z",
"pushed_at": "2025-04-05T17:11:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 961247708,
"name": "nextjs-cve-2025-29927",
"full_name": "YEONDG\/nextjs-cve-2025-29927",
"owner": {
"login": "YEONDG",
"id": 100520319,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100520319?v=4",
"html_url": "https:\/\/github.com\/YEONDG",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/YEONDG\/nextjs-cve-2025-29927",
"description": "vulnerable-nextjs-14-CVE-2025-29927",
"fork": false,
"created_at": "2025-04-06T04:55:21Z",
"updated_at": "2025-04-06T12:55:23Z",
"pushed_at": "2025-04-06T12:55:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 961601523,
"name": "CVE-2025-29927",
"full_name": "gotr00t0day\/CVE-2025-29927",
"owner": {
"login": "gotr00t0day",
"id": 48636787,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4",
"html_url": "https:\/\/github.com\/gotr00t0day",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2025-29927",
"description": "Next.js Middleware Bypass Scanne",
"fork": false,
"created_at": "2025-04-06T20:59:10Z",
"updated_at": "2025-08-06T16:21:46Z",
"pushed_at": "2025-04-07T05:35:11Z",
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"score": 0,
"subscribers_count": 1
},
{
"id": 961904858,
"name": "NextJS-Exploit-",
"full_name": "pixilated730\/NextJS-Exploit-",
"owner": {
"login": "pixilated730",
"id": 55018689,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55018689?v=4",
"html_url": "https:\/\/github.com\/pixilated730",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/pixilated730\/NextJS-Exploit-",
"description": "CVE-2025-29927",
"fork": false,
"created_at": "2025-04-07T10:54:08Z",
"updated_at": "2025-08-24T14:49:19Z",
"pushed_at": "2025-04-07T10:56:19Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 962480318,
"name": "middleware-auth-bypass",
"full_name": "ValGrace\/middleware-auth-bypass",
"owner": {
"login": "ValGrace",
"id": 69193709,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69193709?v=4",
"html_url": "https:\/\/github.com\/ValGrace",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ValGrace\/middleware-auth-bypass",
"description": "CVE-2025-29927 ~ a poc of the next.js middleware authentication bypass",
"fork": false,
"created_at": "2025-04-08T08:10:07Z",
"updated_at": "2025-04-08T08:25:14Z",
"pushed_at": "2025-04-08T08:30:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 962523684,
"name": "CVE-2025-29927",
"full_name": "0xnxt1me\/CVE-2025-29927",
"owner": {
"login": "0xnxt1me",
"id": 52325097,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52325097?v=4",
"html_url": "https:\/\/github.com\/0xnxt1me",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xnxt1me\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-08T09:29:48Z",
"updated_at": "2025-04-08T17:21:12Z",
"pushed_at": "2025-04-08T17:08:32Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 962947655,
"name": "vulnerable-nextjs-14-CVE-2025-29927",
"full_name": "pickovven\/vulnerable-nextjs-14-CVE-2025-29927",
"owner": {
"login": "pickovven",
"id": 549772,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/549772?v=4",
"html_url": "https:\/\/github.com\/pickovven",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/pickovven\/vulnerable-nextjs-14-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-08T23:25:24Z",
"updated_at": "2025-04-08T23:25:28Z",
"pushed_at": "2025-04-08T23:25:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 963355993,
"name": "nextjs-middleware-exploit",
"full_name": "l1uk\/nextjs-middleware-exploit",
"owner": {
"login": "l1uk",
"id": 41051997,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41051997?v=4",
"html_url": "https:\/\/github.com\/l1uk",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/l1uk\/nextjs-middleware-exploit",
"description": "Research on Next.js middleware vulnerability (CVE-2025-29927) allowing authorization bypass and potential exploits.",
"fork": false,
"created_at": "2025-04-09T14:54:30Z",
"updated_at": "2025-04-09T15:34:54Z",
"pushed_at": "2025-04-09T15:34:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 964813904,
"name": "nextjs-CVE-2025-29927-hunter",
"full_name": "darklotuskdb\/nextjs-CVE-2025-29927-hunter",
"owner": {
"login": "darklotuskdb",
"id": 29382875,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29382875?v=4",
"html_url": "https:\/\/github.com\/darklotuskdb",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/darklotuskdb\/nextjs-CVE-2025-29927-hunter",
"description": "Next.js CVE-2025-29927 Hunter",
"fork": false,
"created_at": "2025-04-11T20:42:09Z",
"updated_at": "2025-05-13T21:11:03Z",
"pushed_at": "2025-04-24T11:17:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 965466942,
"name": "POC-CVE-2025-29927-",
"full_name": "ethanol1310\/POC-CVE-2025-29927-",
"owner": {
"login": "ethanol1310",
"id": 33454444,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33454444?v=4",
"html_url": "https:\/\/github.com\/ethanol1310",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ethanol1310\/POC-CVE-2025-29927-",
"description": "POC CVE-2025-29927",
"fork": false,
"created_at": "2025-04-13T08:23:11Z",
"updated_at": "2025-04-13T10:02:13Z",
"pushed_at": "2025-04-13T10:02:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 966209797,
"name": "exploit-CVE-2025-29927",
"full_name": "UNICORDev\/exploit-CVE-2025-29927",
"owner": {
"login": "UNICORDev",
"id": 103281826,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4",
"html_url": "https:\/\/github.com\/UNICORDev",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2025-29927",
"description": "Exploit for CVE-2025-29927 (Next.js) - Authorization Bypass",
"fork": false,
"created_at": "2025-04-14T15:12:13Z",
"updated_at": "2025-11-17T21:38:26Z",
"pushed_at": "2025-04-15T15:59:48Z",
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"authorization",
"bypass",
"exploit",
"middleware",
"nextjs",
"python",
"python3"
],
"visibility": "public",
"forks": 0,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},
{
"id": 967268350,
"name": "CVE-2025-29927-NextJs-Middleware-Simulation",
"full_name": "Knotsecurity\/CVE-2025-29927-NextJs-Middleware-Simulation",
"owner": {
"login": "Knotsecurity",
"id": 207406244,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/207406244?v=4",
"html_url": "https:\/\/github.com\/Knotsecurity",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Knotsecurity\/CVE-2025-29927-NextJs-Middleware-Simulation",
"description": "Simulates CVE-2025-29927, a critical Next.js vulnerability allowing attackers to bypass middleware authorization by exploiting the internal x-middleware-subrequest HTTP header. Demonstrates unauthorized access to protected routes and provides mitigation strategies.",
"fork": false,
"created_at": "2025-04-16T07:33:54Z",
"updated_at": "2025-04-16T08:28:27Z",
"pushed_at": "2025-04-16T08:28:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 967355790,
"name": "CVE-2025-29927",
"full_name": "mhamzakhattak\/CVE-2025-29927",
"owner": {
"login": "mhamzakhattak",
"id": 94353825,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94353825?v=4",
"html_url": "https:\/\/github.com\/mhamzakhattak",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/mhamzakhattak\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-16T10:28:16Z",
"updated_at": "2025-04-16T10:33:39Z",
"pushed_at": "2025-04-16T10:33:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 967722470,
"name": "NextJS-CVE-2025-29927",
"full_name": "enochgitgamefied\/NextJS-CVE-2025-29927",
"owner": {
"login": "enochgitgamefied",
"id": 202580551,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202580551?v=4",
"html_url": "https:\/\/github.com\/enochgitgamefied",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/enochgitgamefied\/NextJS-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-16T22:39:55Z",
"updated_at": "2025-05-07T15:22:23Z",
"pushed_at": "2025-11-05T10:26:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 968363953,
"name": "Vuln-Next.js-CVE-2025-29927",
"full_name": "Grand-Moomin\/Vuln-Next.js-CVE-2025-29927",
"owner": {
"login": "Grand-Moomin",
"id": 91271840,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91271840?v=4",
"html_url": "https:\/\/github.com\/Grand-Moomin",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Grand-Moomin\/Vuln-Next.js-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-18T00:47:47Z",
"updated_at": "2025-04-18T01:33:17Z",
"pushed_at": "2025-04-18T01:33:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 970084153,
"name": "Next.js-Middleware-Bypass-CVE-2025-29927-",
"full_name": "pouriam23\/Next.js-Middleware-Bypass-CVE-2025-29927-",
"owner": {
"login": "pouriam23",
"id": 174950792,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174950792?v=4",
"html_url": "https:\/\/github.com\/pouriam23",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/pouriam23\/Next.js-Middleware-Bypass-CVE-2025-29927-",
"description": null,
"fork": false,
"created_at": "2025-04-21T12:50:09Z",
"updated_at": "2025-09-24T01:28:10Z",
"pushed_at": "2025-04-23T14:08:31Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 971243288,
"name": "CVE-2025-29927",
"full_name": "kh4sh3i\/CVE-2025-29927",
"owner": {
"login": "kh4sh3i",
"id": 64693844,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4",
"html_url": "https:\/\/github.com\/kh4sh3i",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2025-29927",
"description": "CVE-2025-29927: Next.js Middleware Bypass Vulnerability",
"fork": false,
"created_at": "2025-04-23T08:19:58Z",
"updated_at": "2025-04-23T12:35:55Z",
"pushed_at": "2025-04-23T10:59:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"0day-exploit",
"burpsuite",
"cve",
"cve-2025-29927",
"exploit",
"middleware",
"next",
"nextjs",
"nextjs-example",
"nuclei",
"pentest",
"redteam",
"scanner",
"scanner-web",
"vulnerability"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 972544311,
"name": "CVE-2025-29927",
"full_name": "EQSTLab\/CVE-2025-29927",
"owner": {
"login": "EQSTLab",
"id": 148991397,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4",
"html_url": "https:\/\/github.com\/EQSTLab",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/EQSTLab\/CVE-2025-29927",
"description": "Next.js middleware bypass exploit",
"fork": false,
"created_at": "2025-04-25T08:51:52Z",
"updated_at": "2025-06-12T11:47:08Z",
"pushed_at": "2025-04-25T09:20:20Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 974046106,
"name": "CVE-2025-29927",
"full_name": "Hirainsingadia\/CVE-2025-29927",
"owner": {
"login": "Hirainsingadia",
"id": 35218213,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35218213?v=4",
"html_url": "https:\/\/github.com\/Hirainsingadia",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Hirainsingadia\/CVE-2025-29927",
"description": "Next js middlewareauth Bypass ",
"fork": false,
"created_at": "2025-04-28T07:13:51Z",
"updated_at": "2025-04-28T07:28:33Z",
"pushed_at": "2025-04-28T07:28:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 974172699,
"name": "CVE-2025-29927",
"full_name": "hed1ad\/CVE-2025-29927",
"owner": {
"login": "hed1ad",
"id": 84936556,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84936556?v=4",
"html_url": "https:\/\/github.com\/hed1ad",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/hed1ad\/CVE-2025-29927",
"description": "CVE-2025-29927",
"fork": false,
"created_at": "2025-04-28T11:14:24Z",
"updated_at": "2025-05-06T19:44:55Z",
"pushed_at": "2025-05-06T19:44:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 974724585,
"name": "CVE-2025-29927",
"full_name": "HoumanPashaei\/CVE-2025-29927",
"owner": {
"login": "HoumanPashaei",
"id": 56043467,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56043467?v=4",
"html_url": "https:\/\/github.com\/HoumanPashaei",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/HoumanPashaei\/CVE-2025-29927",
"description": "This is a CVE-2025-29927 Scanner.",
"fork": false,
"created_at": "2025-04-29T08:01:08Z",
"updated_at": "2025-08-09T13:19:50Z",
"pushed_at": "2025-08-09T13:19:47Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},
{
"id": 974810730,
"name": "CVE-2025-29927",
"full_name": "rubbxalc\/CVE-2025-29927",
"owner": {
"login": "rubbxalc",
"id": 98520856,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98520856?v=4",
"html_url": "https:\/\/github.com\/rubbxalc",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/rubbxalc\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-04-29T10:44:45Z",
"updated_at": "2025-04-30T08:13:50Z",
"pushed_at": "2025-04-29T10:45:59Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 977134432,
"name": "CVE-2025-29927-scanner",
"full_name": "olimpiofreitas\/CVE-2025-29927-scanner",
"owner": {
"login": "olimpiofreitas",
"id": 2387747,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2387747?v=4",
"html_url": "https:\/\/github.com\/olimpiofreitas",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/olimpiofreitas\/CVE-2025-29927-scanner",
"description": null,
"fork": false,
"created_at": "2025-05-03T14:00:11Z",
"updated_at": "2025-07-25T07:14:05Z",
"pushed_at": "2025-07-07T10:39:23Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 979019411,
"name": "CVE-2025-29927_Next.js_Auth_Bypass",
"full_name": "moften\/CVE-2025-29927_Next.js_Auth_Bypass",
"owner": {
"login": "moften",
"id": 4262359,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4262359?v=4",
"html_url": "https:\/\/github.com\/moften",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/moften\/CVE-2025-29927_Next.js_Auth_Bypass",
"description": "Next.js Auth Bypass PoC Edge Runtime Env Leak via Middleware Bug",
"fork": false,
"created_at": "2025-05-06T21:47:49Z",
"updated_at": "2025-10-09T13:59:40Z",
"pushed_at": "2025-10-09T13:59:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"middleware",
"nextjs",
"poc"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 979729066,
"name": "x-middleware-exploit",
"full_name": "EarthAngel666\/x-middleware-exploit",
"owner": {
"login": "EarthAngel666",
"id": 210785252,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/210785252?v=4",
"html_url": "https:\/\/github.com\/EarthAngel666",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/EarthAngel666\/x-middleware-exploit",
"description": "x-middleware exploit for next.js CVE-202346298 cache poisoning and CVE-2025-29927 bypass",
"fork": false,
"created_at": "2025-05-08T01:26:30Z",
"updated_at": "2025-05-08T01:36:34Z",
"pushed_at": "2025-05-08T01:27:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 988964968,
"name": "NextJS-CVE-2025-29927-Docker-Lab",
"full_name": "enochgitgamefied\/NextJS-CVE-2025-29927-Docker-Lab",
"owner": {
"login": "enochgitgamefied",
"id": 202580551,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202580551?v=4",
"html_url": "https:\/\/github.com\/enochgitgamefied",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/enochgitgamefied\/NextJS-CVE-2025-29927-Docker-Lab",
"description": null,
"fork": false,
"created_at": "2025-05-23T10:49:41Z",
"updated_at": "2025-05-23T11:59:40Z",
"pushed_at": "2025-11-02T09:40:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 990526211,
"name": "CVE-2025-29927",
"full_name": "sagsooz\/CVE-2025-29927",
"owner": {
"login": "sagsooz",
"id": 38169010,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38169010?v=4",
"html_url": "https:\/\/github.com\/sagsooz",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/sagsooz\/CVE-2025-29927",
"description": "🔐 Python-based smart scanner for CVE-2025-29927 — Next.js middleware authentication bypass vulnerability. Detects meta refresh, keyword-based redirects, and more.",
"fork": false,
"created_at": "2025-05-26T08:47:01Z",
"updated_at": "2025-05-26T08:53:33Z",
"pushed_at": "2025-05-26T08:53:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 992728004,
"name": "vulnerable-nextjs-14-CVE-2025-29927",
"full_name": "SugiB3o\/vulnerable-nextjs-14-CVE-2025-29927",
"owner": {
"login": "SugiB3o",
"id": 24741216,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24741216?v=4",
"html_url": "https:\/\/github.com\/SugiB3o",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/SugiB3o\/vulnerable-nextjs-14-CVE-2025-29927",
"description": "vulnerable-nextjs-14-CVE-2025-29927",
"fork": false,
"created_at": "2025-05-29T16:06:36Z",
"updated_at": "2025-05-29T16:15:38Z",
"pushed_at": "2025-09-04T10:22:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 998052001,
"name": "Blackash-CVE-2025-29927",
"full_name": "Ashwesker\/Blackash-CVE-2025-29927",
"owner": {
"login": "Ashwesker",
"id": 215029052,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/215029052?v=4",
"html_url": "https:\/\/github.com\/Ashwesker",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Ashwesker\/Blackash-CVE-2025-29927",
"description": "CVE-2025-29927",
"fork": false,
"created_at": "2025-06-07T19:04:38Z",
"updated_at": "2025-06-07T19:27:32Z",
"pushed_at": "2025-06-07T19:27:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1000687487,
"name": "Next.JS-CVE-2025-29927",
"full_name": "amitlttwo\/Next.JS-CVE-2025-29927",
"owner": {
"login": "amitlttwo",
"id": 55759090,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4",
"html_url": "https:\/\/github.com\/amitlttwo",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/amitlttwo\/Next.JS-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-06-12T07:07:40Z",
"updated_at": "2025-06-12T09:24:00Z",
"pushed_at": "2025-06-12T09:23:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1014791291,
"name": "next-js-auth-bypass",
"full_name": "kazuya256\/next-js-auth-bypass",
"owner": {
"login": "kazuya256",
"id": 204841741,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/204841741?v=4",
"html_url": "https:\/\/github.com\/kazuya256",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kazuya256\/next-js-auth-bypass",
"description": "🔓 Next.js Auth Bypass Demo - Educational application demonstrating CVE-2025-29927 middleware authentication bypass vulnerability . ⚠️ For educational use only.[Made using Ai]",
"fork": false,
"created_at": "2025-07-06T12:28:56Z",
"updated_at": "2025-11-17T14:59:19Z",
"pushed_at": "2025-07-12T07:19:56Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"auth-bypass",
"cve-2025-29927",
"demo",
"next"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1019716760,
"name": "Thank-u-Next",
"full_name": "mickhacking\/Thank-u-Next",
"owner": {
"login": "mickhacking",
"id": 94079102,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94079102?v=4",
"html_url": "https:\/\/github.com\/mickhacking",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/mickhacking\/Thank-u-Next",
"description": "CVE-2025-29927 PoC | Auth Bypass Exploit | Python Tool using httpx | Middleware Vulnerability | Ethical Hacking Toolkit",
"fork": false,
"created_at": "2025-07-14T18:57:41Z",
"updated_at": "2025-07-14T19:06:02Z",
"pushed_at": "2025-07-14T19:05:00Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1025082812,
"name": "CVE-2025-29927-Next.js-Middleware-Authorization-Bypass",
"full_name": "0xh3g4z1\/CVE-2025-29927-Next.js-Middleware-Authorization-Bypass",
"owner": {
"login": "0xh3g4z1",
"id": 193804604,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/193804604?v=4",
"html_url": "https:\/\/github.com\/0xh3g4z1",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0xh3g4z1\/CVE-2025-29927-Next.js-Middleware-Authorization-Bypass",
"description": "CVE202529927 is a critical vulnerability (CVSS 9.1) in Next.js that allows attackers to bypass middlewarebased security checks.",
"fork": false,
"created_at": "2025-07-23T17:35:58Z",
"updated_at": "2025-11-29T13:26:13Z",
"pushed_at": "2025-07-23T17:36:50Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
},
{
"id": 1027265337,
"name": "CVE-2025-29927",
"full_name": "sahbaazansari\/CVE-2025-29927",
"owner": {
"login": "sahbaazansari",
"id": 121603167,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121603167?v=4",
"html_url": "https:\/\/github.com\/sahbaazansari",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/sahbaazansari\/CVE-2025-29927",
"description": "The POC for m6.fr website",
"fork": false,
"created_at": "2025-07-27T16:59:08Z",
"updated_at": "2025-07-27T17:11:32Z",
"pushed_at": "2025-07-27T17:11:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1028537338,
"name": "PoC-CVE-2025-29927",
"full_name": "b4sh0xf\/PoC-CVE-2025-29927",
"owner": {
"login": "b4sh0xf",
"id": 153856077,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153856077?v=4",
"html_url": "https:\/\/github.com\/b4sh0xf",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/b4sh0xf\/PoC-CVE-2025-29927",
"description": "→ poc for CVE-2025-29927",
"fork": false,
"created_at": "2025-07-29T17:15:21Z",
"updated_at": "2025-08-07T13:37:47Z",
"pushed_at": "2025-08-07T13:37:44Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1029026932,
"name": "vulnbox-easy-CVE-2025-29927",
"full_name": "rgvillanueva28\/vulnbox-easy-CVE-2025-29927",
"owner": {
"login": "rgvillanueva28",
"id": 45262256,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45262256?v=4",
"html_url": "https:\/\/github.com\/rgvillanueva28",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/rgvillanueva28\/vulnbox-easy-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-07-30T12:13:55Z",
"updated_at": "2025-08-07T16:00:48Z",
"pushed_at": "2025-08-07T15:48:28Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1040790315,
"name": "Nextjs-middleware-vulnerable-appdemo-CVE-2025-29927",
"full_name": "R3verseIN\/Nextjs-middleware-vulnerable-appdemo-CVE-2025-29927",
"owner": {
"login": "R3verseIN",
"id": 62656061,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62656061?v=4",
"html_url": "https:\/\/github.com\/R3verseIN",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/R3verseIN\/Nextjs-middleware-vulnerable-appdemo-CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-08-19T14:07:04Z",
"updated_at": "2025-08-19T14:09:25Z",
"pushed_at": "2025-08-19T14:09:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1046083905,
"name": "CVE-2025-29927",
"full_name": "zs1n\/CVE-2025-29927",
"owner": {
"login": "zs1n",
"id": 209989581,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/209989581?v=4",
"html_url": "https:\/\/github.com\/zs1n",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/zs1n\/CVE-2025-29927",
"description": "PoC | NextJS Middleware 15.2.2 - Authorization Bypass ",
"fork": false,
"created_at": "2025-08-28T06:55:34Z",
"updated_at": "2025-08-28T07:29:47Z",
"pushed_at": "2025-08-28T07:29:43Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1055110112,
"name": "CVE-2025-29927-PoC",
"full_name": "MKIRAHMET\/CVE-2025-29927-PoC",
"owner": {
"login": "MKIRAHMET",
"id": 172183233,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172183233?v=4",
"html_url": "https:\/\/github.com\/MKIRAHMET",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/MKIRAHMET\/CVE-2025-29927-PoC",
"description": "This repository contains **research and analysis** related to CVE-2025-29927. It demonstrates safe, controlled testing approaches for a path traversal\/middleware misconfiguration vulnerability in web applications.",
"fork": false,
"created_at": "2025-09-11T19:30:20Z",
"updated_at": "2025-09-11T20:44:46Z",
"pushed_at": "2025-09-11T20:44:43Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1058563526,
"name": "vulnerable-nextjs-14-CVE-2025-29927",
"full_name": "adjscent\/vulnerable-nextjs-14-CVE-2025-29927",
"owner": {
"login": "adjscent",
"id": 29534372,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29534372?v=4",
"html_url": "https:\/\/github.com\/adjscent",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/adjscent\/vulnerable-nextjs-14-CVE-2025-29927",
"description": "do not use. vulnerable",
"fork": false,
"created_at": "2025-09-17T08:56:21Z",
"updated_at": "2025-09-17T08:56:49Z",
"pushed_at": "2025-09-17T08:56:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1060604602,
"name": "CVE-2025-29927",
"full_name": "sdrtba\/CVE-2025-29927",
"owner": {
"login": "sdrtba",
"id": 64638190,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638190?v=4",
"html_url": "https:\/\/github.com\/sdrtba",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/sdrtba\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-09-20T08:12:13Z",
"updated_at": "2025-09-22T08:36:55Z",
"pushed_at": "2025-09-22T08:36:52Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1061375097,
"name": "CVE-2025-29927",
"full_name": "iteride\/CVE-2025-29927",
"owner": {
"login": "iteride",
"id": 164376455,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164376455?v=4",
"html_url": "https:\/\/github.com\/iteride",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/iteride\/CVE-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-09-21T19:28:03Z",
"updated_at": "2025-09-30T07:23:41Z",
"pushed_at": "2025-09-23T18:29:48Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1062338605,
"name": "nextjs-middleware-auth-bypass",
"full_name": "sermikr0\/nextjs-middleware-auth-bypass",
"owner": {
"login": "sermikr0",
"id": 230672901,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/230672901?v=4",
"html_url": "https:\/\/github.com\/sermikr0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/sermikr0\/nextjs-middleware-auth-bypass",
"description": "CVE-2025-29927",
"fork": false,
"created_at": "2025-09-23T06:07:00Z",
"updated_at": "2025-11-27T14:48:10Z",
"pushed_at": "2025-09-23T06:35:05Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1062525180,
"name": "day10-nextjs-middleware-lab",
"full_name": "amalpvatayam67\/day10-nextjs-middleware-lab",
"owner": {
"login": "amalpvatayam67",
"id": 200071444,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/200071444?v=4",
"html_url": "https:\/\/github.com\/amalpvatayam67",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/amalpvatayam67\/day10-nextjs-middleware-lab",
"description": "Next.js middleware auth-bypass lab (CVE-2025-29927 simulation)",
"fork": false,
"created_at": "2025-09-23T11:22:00Z",
"updated_at": "2025-09-23T11:24:45Z",
"pushed_at": "2025-09-23T11:24:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1065706961,
"name": "cve-2025-29927",
"full_name": "kuyrathdaro\/cve-2025-29927",
"owner": {
"login": "kuyrathdaro",
"id": 92511754,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92511754?v=4",
"html_url": "https:\/\/github.com\/kuyrathdaro",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kuyrathdaro\/cve-2025-29927",
"description": null,
"fork": false,
"created_at": "2025-09-28T09:11:45Z",
"updated_at": "2025-09-28T09:11:45Z",
"pushed_at": "2025-09-28T09:11:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1069496808,
"name": "middleforce",
"full_name": "diogolourencodev\/middleforce",
"owner": {
"login": "diogolourencodev",
"id": 211736518,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/211736518?v=4",
"html_url": "https:\/\/github.com\/diogolourencodev",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/diogolourencodev\/middleforce",
"description": "Simple script to attempt a Bypass on a server possibly vulnerable to CVE-2025-29927 (Next.js Middleware)",
"fork": false,
"created_at": "2025-10-04T03:40:54Z",
"updated_at": "2025-10-10T13:41:51Z",
"pushed_at": "2025-10-04T03:41:14Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1071915165,
"name": "CVE-2025-29927",
"full_name": "Bongni\/CVE-2025-29927",
"owner": {
"login": "Bongni",
"id": 76695416,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76695416?v=4",
"html_url": "https:\/\/github.com\/Bongni",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Bongni\/CVE-2025-29927",
"description": "Reproduction and fix of the CVE-2025-29927 vulnerability.",
"fork": false,
"created_at": "2025-10-08T02:04:39Z",
"updated_at": "2025-11-30T11:22:18Z",
"pushed_at": "2025-11-30T11:22:15Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1076911585,
"name": "CTF_CVE_DSP_1",
"full_name": "NS-Projects-Unina\/CTF_CVE_DSP_1",
"owner": {
"login": "NS-Projects-Unina",
"id": 190720012,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/190720012?v=4",
"html_url": "https:\/\/github.com\/NS-Projects-Unina",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/NS-Projects-Unina\/CTF_CVE_DSP_1",
"description": "Una CTF, in formato DSP-compliant, basata sulla CVE-2025-29927 di nextjs.",
"fork": false,
"created_at": "2025-10-15T14:10:15Z",
"updated_at": "2025-10-16T10:48:52Z",
"pushed_at": "2025-10-16T10:48:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1084557809,
"name": "CVE-2025-29927-PoC",
"full_name": "lucaschanzx\/CVE-2025-29927-PoC",
"owner": {
"login": "lucaschanzx",
"id": 96561637,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96561637?v=4",
"html_url": "https:\/\/github.com\/lucaschanzx",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/lucaschanzx\/CVE-2025-29927-PoC",
"description": null,
"fork": false,
"created_at": "2025-10-27T20:58:14Z",
"updated_at": "2025-10-28T04:21:18Z",
"pushed_at": "2025-10-28T04:21:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]
Reference in a new issue View git blame Copy permalink