Security-bulletin

Addressing CVE-2026-49975, a denial-of-service exploit against most major web servers, including: nginx, Apache httpd, Microsoft IIS, Envoy, etc.

Addressing React2Shell CVE-2025-55182 (React) & CVE-2025-66478 (NextJS) Remote Code Execution (RCE) in React Server Components

Addressing CVE-2025-29927 Authorization Bypass in NextJS Middleware