next

npmv16.2.4

The React Framework

License: MIT3740 versions2 maintainers6 deps36,294,910 weekly downloads
vercel/next.js
80
/100
Health Score

Recommendation

[email protected] is safe to use (health: 80/100)

Health Breakdown

25/25
maintenance
20/20
popularity
17/25
security
15/15
maturity
3/15
community

Vulnerabilities (5)

4 medium1 low
medium
CVE-2025-59472

Next.js has Unbounded Memory Consumption via PPR Resume Endpoint

Fixed in 15.6.0-canary.61

medium
GHSA-5j59-xgg2-r9c4

Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up

Fixed in 16.1.0-canary.19

unknown
CVE-2023-46298

Next.js missing cache-control header may lead to CDN caching empty reply

Fixed in 13.4.20-canary.13

medium
GHSA-mwv6-3258-q52c

Next Vulnerable to Denial of Service with Server Components

Fixed in 16.1.0-canary.17

medium
GHSA-w37m-7fhw-fmv9

Next Server Actions Source Code Exposure

Fixed in 16.1.0-canary.17

Dependencies (6)

postcss@next/envstyled-jsx@swc/helperscaniuse-litebaseline-browser-mapping

API Access

Get this data programmatically — free, no authentication required:

curl https://depscope.dev/api/check/npm/next

First published: 2011-07-11T11:00:45.416Z

Last updated: 2026-04-15T22:33:47.905Z

Data from DepScope — Package Intelligence for AI Agents

next — Health Score 80/100 | DepScope