Auth0 Nextjs-auth0

7 CVEs affecting Auth0 Nextjs-auth0. Latest disclosed: 2026-04-17. Critical: 0, High: 1.

Top CVEs affecting Auth0 Nextjs-auth0
CVE	Severity	Score	Published	Summary
`CVE-2021-32702`	High	`8.0`	2021-06-25	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including `1.4.1` are vulnerable to reflec…
`CVE-2021-43812`	Medium	`6.4`	2021-12-16	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain returnTo param…
`CVE-2025-67716`	Medium	`5.7`	2025-12-11	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw…
`CVE-2026-40155`	Medium	`5.4`	2026-04-17	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In versions 4.12.0 through 4.17.1, simultaneous requests that…
`CVE-2025-67490`	Medium	`5.4`	2025-12-10	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultan…
`CVE-2025-48947`			2025-06-04	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 through 4.6.0, `__session`…
`CVE-2025-46344`			2025-04-29	The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke…