FIND-20260413-002 · 2026-04-13 · Innovation Veille
CVE-2026-29057: Next.js HTTP Request Smuggling via Chunked Transfer
cve
HIGH
CVE-2026-29057 is an HTTP request smuggling vulnerability in Next.js. When Next.js rewrites proxy traffic to an external backend, a crafted DELETE or OPTIONS request using Transfer-Encoding: chunked can allow an attacker to smuggle a second request to unintended backend routes, potentially bypassing authorization and reaching internal or admin endpoints. Fixed in Next.js 16.2.2 LTS.
Source
https://nvd.nist.gov/vuln/detail/CVE-2026-29057
ODS Impact
ODS Dashboard (Next.js frontend with Hono API backend). The rewrite proxy pattern used in the monorepo (Next.js -> Hono catch-all) could be exploited if not patched. Confirm upgrade to Next.js 16.2.2.
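One way to confirm the upgrade across the monorepo, as an added example that is not part of the original finding or the ODS code base. It assumes an npm package-lock.json (lockfileVersion 2 or 3) and treats every version below 16.2.2, the only fixed release this finding names, as unpatched; the function names and the sample lockfile are constructed.

```javascript
// Added example: list every installed copy of "next" older than the fixed release.
const FIXED = [16, 2, 2]; // fixed version stated in this finding

// Parse "16.2.1" or "16.2.2-canary.3" into numeric parts plus a prerelease flag.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(v));
  if (!m) return null;
  return { parts: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when the version is older than the fixed release. Unparseable versions
// are reported as unpatched so they get a manual look.
function isUnpatched(v) {
  const p = parseVersion(v);
  if (!p) return true;
  for (let i = 0; i < 3; i++) {
    if (p.parts[i] !== FIXED[i]) return p.parts[i] < FIXED[i];
  }
  return p.pre; // a prerelease such as 16.2.2-canary.N sorts before 16.2.2
}

// Walk lock.packages (npm lockfile v2/v3 layout) and collect unpatched copies,
// including nested ones under workspace directories.
function findUnpatchedNext(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/next$/.test(path)) continue;
    if (isUnpatched(meta.version)) hits.push({ path, version: meta.version });
  }
  return hits;
}

// Constructed sample lockfile, not taken from the ODS repository.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "monorepo" },
    "node_modules/next": { version: "16.2.2" },
    "apps/dashboard/node_modules/next": { version: "16.1.4" },
    "node_modules/next-auth": { version: "5.0.0" },
    "apps/docs/node_modules/next": { version: "16.2.2-canary.7" },
  },
};
console.log(findUnpatchedNext(sampleLock));
```

In a real checkout, pass the parsed package-lock.json to findUnpatchedNext; an empty result means no installed copy is below 16.2.2.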
Security Review
License: N/A | Maintenance: ACTIVE | Risk: LOW | Recommendation: USE_WITH_CAUTION
Tags
nextjs
cve
http-smuggling
security
dashboard
proxy