← ターゲット選定に戻る

Blog

vercel/next.js

The React Framework

#react#server-rendering#universal#node#components#browser#nextjs#vercel#static-site-generator#hybrid#ssg#static#blog#compiler

スコア

50

/ 100

Star

139,487

Fork

31,072

Open Issue

2,144

サイズ

2.4GB

言語

JavaScript ★

最終push

0 日前

Docker

—

採点内訳

過去CVE 20件 (やや多い)

✓

直近 push: 0 日前

✓

得意言語 (JavaScript)

✓

オープンissue 2144件

✓

超大規模 (2.4GB)

—

Docker 未対応

—

100k+: ベテラン領域 (★139,487)

—

※ 各項目の重みは「採点ルール」を参照。合計は 0 で底打ち。

過去の SecurityAdvisory (20 件)

HIGHGHSA-26hh-7cqf-hhc6 CVE-2026-451092026/5/7
Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
MEDIUMGHSA-ffhc-5mcf-pf4q CVE-2026-445812026/5/6
Cross-site scripting in App Router applications using CSP nonces
LOWGHSA-vfv6-92ff-j949 CVE-2026-445822026/5/6
Cache poisoning via collisions in React Server Component cache-busting
MEDIUMGHSA-gx5p-jg67-6x7h CVE-2026-445802026/5/6
Cross-site scripting in beforeInteractive scripts with untrusted input
HIGHGHSA-mg66-mrh9-m8jx CVE-2026-445792026/5/6
Denial of Service via connection exhaustion in applications using Cache Components
MEDIUMGHSA-h64f-5h5j-jqjh CVE-2026-445772026/5/6
Denial of Service in the Image Optimization API
HIGHGHSA-c4j6-fc7j-m34r CVE-2026-445782026/5/6
Server-side request forgery in applications using WebSocket upgrades
MEDIUMGHSA-wfc6-r584-vfw7 CVE-2026-445762026/5/6
Cache poisoning in React Server Component responses
HIGHGHSA-267c-6grr-h53f CVE-2026-445752026/5/6
Middleware / Proxy bypass in App Router applications via segment-prefetch routes
HIGHGHSA-492v-c6pp-mqqv CVE-2026-445742026/5/6
Middleware / Proxy bypass through dynamic route parameter injection
HIGHGHSA-36qx-fr4f-26g5 CVE-2026-445732026/5/6
Middleware / Proxy bypass in Pages Router applications using i18n
LOWGHSA-3g8h-86w9-wvmq CVE-2026-445722026/5/6
Middleware / Proxy redirects can be cache-poisoned
HIGHGHSA-8h8q-6873-q5fj CVE-2026-238702026/5/6
Denial of Service with Server Components
HIGHGHSA-q4gf-8mx6-v5v3 CVE-2026-238692026/4/8
Denial of Service with Server Components
MEDIUMGHSA-3x4c-7xq6-9pq8 CVE-2026-279802026/3/16
Unbounded next/image disk cache growth can exhaust storage
MEDIUMGHSA-mq59-m269-xvcx CVE-2026-279782026/3/16
null origin can bypass Server Actions CSRF checks
MEDIUMGHSA-jcc7-9wpm-mj36 CVE-2026-279772026/3/16
Origin: null can bypass allowedDevOrigins protections for internal dev endpoints
MEDIUMGHSA-h27x-g6w4-24gq CVE-2026-279792026/3/16
Unbounded postponed resume buffering can lead to DoS
MEDIUMGHSA-ggv3-7p47-pfv8 CVE-2026-290572026/3/16
HTTP request smuggling in rewrites
MEDIUMGHSA-9g9p-9gw9-jx7f CVE-2025-594712026/1/26
Denial of Service in Image Optimizer