Update next to fix: - CVE-2025-66478 (critical): Remote code execution via crafted RSC payload

velitchko · velitchko · commit 8529e45cd70f · 2025-12-12T11:01:26.000+01:00
- CVE-2025-55184 (high): DoS via malicious HTTP request causing server to hang and consume CPU - CVE-2025-55183 (medium): Compiled Server Action source code can be exposed via malicious request - CVE-2025-67779 (high): Incomplete fix for CVE-2025-55184 DoS via malicious RSC payload causing infinite loop
diff --git a/package.json b/package.json
@@ -11,7 +11,7 @@
   "dependencies": {
     "react": "19.2.0",
     "react-dom": "19.2.0",
-    "next": "16.0.7"
+    "next": "16.0.10"
   },
   "devDependencies": {
     "typescript": "^5",
