Potential Security Issue with Next.js

[ozboomer]

Apologies if this is the wrong place to post this... but I'm not sure about contacting the developers about this issue with Next.js, which is a component in TiddlyDesktop.

https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/nextjs-authentication-bypass-vulnerability-cve-2025-29927

It might be an idea to review the possible impact of this issue.

[Jermolene]

Hi @ozboomer – TiddlyDesktop is based on a platform called nw.js (https://nwjs.io/), and does not use Next.js.

[ozboomer]

Ok.. Just an unfortunate name collision, then:-

C:...\TiddlyDesktop\tiddlywiki\core\modules\filters\next.js

[pmario]

Ok.. Just an unfortunate name collision, then:-

C:...\TiddlyDesktop\tiddlywiki\core\modules\filters\next.js

Right -- it is a name collision. This filter operator just selects the "next" title in a list. So has nothing to do Next.js