# Next.js RCE Vulnerability Scanner

Quick scanner for CVE-2025-66478 / CVE-2025-55182 (CVSS 10.0)

## Usage

```bash
# The script is fetched over plain HTTP: read it before running it with sudo
curl -o check-nextjs-rce.sh http://100.120.125.113:3000/pdm/security-tools/raw/branch/main/check-nextjs-rce.sh
chmod +x check-nextjs-rce.sh
sudo ./check-nextjs-rce.sh
```

## What it checks

- Scans all package.json files on the system
- Checks Docker containers for Next.js
- Identifies vulnerable versions (15.0-15.5.6, 16.0-16.0.6)

## Patched Versions

- Next.js 15.5.7+
- Next.js 16.0.7+

## How to Update Next.js

### For npm projects:

```bash
# Update to latest patched version
npm install next@latest

# Or specify exact version
npm install next@15.5.7
```

### For yarn projects:

```bash
# Update to latest patched version
yarn upgrade next@latest

# Or specify exact version
yarn upgrade next@15.5.7
```

### For Docker containers:

```bash
# 1. Update package.json in your project
#    Matches the vulnerable 15.x range listed above (15.0-15.5.6), including
#    multi-digit patch numbers and a leading ^ or ~
sed -i -E 's/"next": *"[~^]?15\.([0-4]\.[0-9]+|5\.[0-6])"/"next": "15.5.7"/g' package.json

# 2. Rebuild Docker image
docker compose build

# 3. Restart container
docker compose down
docker compose up -d

# 4. Verify version (replace <service> with the Compose service name)
docker compose exec <service> npm list next
```

### Verify the update:

```bash
# Check installed version
npm list next
# or
yarn list --pattern next

# Verify no vulnerabilities remain
npm audit
# or
yarn audit
```
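
The version ranges under "What it checks" and "Patched Versions" can be checked by hand with the sketch below. It is an added example, not the contents of `check-nextjs-rce.sh`; the function names `nextjs_status` and `scan_next_installs` are hypothetical, and reading the installed version from `node_modules/next/package.json` is an assumption of this example.

```bash
#!/bin/sh
# Added example (not the page's check-nextjs-rce.sh): classify Next.js versions
# using only the ranges this page lists.
#   vulnerable: 15.0.0-15.5.6, 16.0.0-16.0.6    patched: 15.5.7+, 16.0.7+

# nextjs_status VERSION -> vulnerable | patched | not-listed | unknown
nextjs_status() {
    v=${1#[v=^~]}                       # tolerate one leading "^", "~", "=" or "v"
    case $v in                          # accept plain MAJOR.MINOR.PATCH only
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
    [ $# -eq 3 ] || { echo unknown; return; }
    case $1 in
        15) if [ "$2" -lt 5 ] || { [ "$2" -eq 5 ] && [ "$3" -le 6 ]; }
            then echo vulnerable; else echo patched; fi ;;
        16) if [ "$2" -eq 0 ] && [ "$3" -le 6 ]
            then echo vulnerable; else echo patched; fi ;;
        *)  echo not-listed ;;          # the page gives no range for this major
    esac
}

# scan_next_installs ROOT -> one "status<TAB>version<TAB>project" line per install.
# Assumption: reads the *installed* version from node_modules/next/package.json,
# because a project's own package.json usually holds a range such as "^15.1.0".
scan_next_installs() {
    find "$1" -type f -path '*/node_modules/next/package.json' 2>/dev/null |
    while IFS= read -r f; do
        ver=$(sed -n 's/^[[:space:]]*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$f" | head -n 1)
        printf '%s\t%s\t%s\n' "$(nextjs_status "$ver")" "$ver" \
            "${f%/node_modules/next/package.json}"
    done
}

# Run as: sh this-file.sh /path/to/scan
if [ $# -gt 0 ]; then scan_next_installs "$1"; fi
```

A `not-listed` result means only that this page gives no range for that major version, and `unknown` covers tags and prerelease strings that are not plain `MAJOR.MINOR.PATCH`.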