José Carlos Chávez

Security Software Engineer @ Okta, OWASP Coraza co-leader, and Peruvian llama ambassador.

Security Alert: How Attackers Can Bypass Next.js Middleware With a Single HTTP Header

Security Alert: How Attackers Can Bypass Next.js Middleware With a Single HTTP Header

José Carlos Chávez
·
Security
·
March, 2025

Recently, a critical vulnerability (CVE-2025-29927) was disclosed in the popular Next.js framework, allowing attackers to circumvent middleware execution—including security checks—by leveraging an internal header.

Why does WAF matter in API security?

Why does WAF matter in API security?

José Carlos Chávez
·
API Management
·
March, 2024

Nowadays, APIs power the internet. We see APIs (Application Programming Interfaces) everywhere: webshops, social networks, mobile apps, government sites and most of the media entertainment is delivered to us over APIs.

Traefik Labs uses cookies to improve your experience. By continuing to browse the site you are agreeing to our use of cookies. Find out more in the Cookie Policy.