Tools

Next.js Weekly #111: New Critical Next.js Cves, Elevenlabs Ui, Ts 7...

2025-12-15 0 views admin
Next.js Weekly #111: New Critical Next.js Cves, Elevenlabs Ui, Ts 7...

Posted on Dec 15

• Originally published at nextjsweekly.com

This is the last issue of the year. I want to thank you for reading and supporting the newsletter. I hope you have a great holiday season and a happy new year!

Following last week's React2Shell exploit, two new vulnerabilities affecting Next.js App Router (v13-v16) have been discovered. One can freeze your server, and the other could leak your source code. There is no workaround other than upgrading immediately. You can use npx fix-react2shell-next to automatically verify and update your app. Also check out: Security Bulletin: CVE-2025-55184 and CVE-2025-55183

The post describes the architectural shift behind async React, where React 19's new coordination primitives such as: useTransition, Suspense, useDeferredValue, and the new use() API turn async logic into declarative building blocks

The Vercel CEO wrote a long Tweet sharing his perspective on the React2Shell exploit and how Vercel and others moved quickly to patch it and protect Next.js users

Instead of relying on Next.js ISR, Mintlify built a custom caching layer powered by Cloudflare Workers, KV, Durable Objects, and Queues. This setup decoupled deployments from cache invalidation and pushed their cache hit rate to almost 100%.

Shows how Elysia, a web framework built on Bun, helps you make very fast and type-safe APIs inside Next.js 16. It also includes Eden, a package that brings built-in type safety between server and client, like a simpler tRPC.

This guide explains React's new experimental Hook useEffectEvent, and shows how and when to use it. It also covers best practices, use cases like logging or debouncing, and what to expect before it’s stable.

React Paris just announced its full speaker lineup, featuring top names like Una Kravets, Tanner Linsley, Mark Erikson, Daishi Kato, Kitze, and Tejas Kumar, focusing on cutting-edge React, AI, and web dev, with the event happening March 26-27, 2026

A component library built on top of shadcn/ui which provides pre-built, customizable React components specifically designed for agent & audio applications, including orbs, waveforms, voice agents, audio players, and more

Source: Dev.to

🏷️ Tags

freeapplibraryframeworkcli

More from Tools

Entering the Upside Down of Pivot Grid: A Stranger Things Data-Viz Tutorial

Entering the Upside Down of Pivot Grid: A Stranger Things Data-Viz Tutorial

2025-12-15 0
I Wasted 6 Weeks Building SaaS Boilerplate (Again). Here's What Finally Made Me Stop.

I Wasted 6 Weeks Building SaaS Boilerplate (Again). Here's What Finally Made Me Stop.

2025-12-15 0
Designing Difficulty Curves That Work in Browser Platformer Games

Designing Difficulty Curves That Work in Browser Platformer Games

2025-12-15 0
CNN vs Transformer – A Visual Comparison

CNN vs Transformer – A Visual Comparison

2025-12-15 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views