Category: Next.js

Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition Key Takeaways1. Next.js versions 15.1.0-15.1.8 have a cache poisoning bug causing DoS attacks through blank page delivery.2. Needs affected Next.js version + ISR with cache revalidation + SSR with CDN caching 204 responses.3. Race condition allows HTTP 204 responses to be cached for static pages, serving…