Researchers have alerted to a critical vulnerability that was recently found in Next.Js, an open-source JavaScript framework. The exploit allows attackers to bypass authorization, gaining access to targeted systems. A patch for the zero-day was released last week, but Vercel, the company that created and maintains Next.js, says that they are not aware of any active exploits. Next.js is commonly used among developers, and it is downloaded over 9 million times per week. 

Read more: https://cyberscoop.com/nextjs-critical-vulnerability-open-source-vercel/