Kristianmagas

**Name of the Vulnerable Software and Affected Versions** Next.js versions prior to 14.2.31 Next.js versions 15.0.0 through 15.4.5 **Description** Next.js Image Optimization is susceptible to content injection. Attackers controlling external image sources can trigger file downloads with arbitrary content and filenames under specific configurations. This could be exploited for phishing or malicious file delivery. **Recommendations** Upgrade to Next.js version 14.2.31 or later. Upgrade to Next.js version 15.4.5 or later. Verify that external image sources are strictly validated.