Critical open-source software is aging fast. See what Black Duck found—and how our newest NES products (Spark, Solr, Camel & more) help you stay secure.
View in browser
B

March 2025

🚨 Critical Alert: Next.js Middleware Vulnerability

CVE-2025-29927

CVE-2025-29927 is a serious vulnerability that allows attackers to bypass authentication in Next.js middleware. Left unaddressed, it could lead to unauthorized access and potential system compromise.

 

HeroDevs now offers Next.js NES, providing long-term security patches and compliance support for affected versions—so you can stay protected without a full migration.

Discover Next.js NES
More Details on CVE

🎙️ Everyday Heroes Podcast: Season 1 Finale

Catch the last two episodes of our debut season, packed with insights and stories of heroes in tech.

06_HERO_Aileen Villanueva - Thumbnail (Horizontal)
Episode 7
08_HERO_Dave Welch - Thumbnail
Episode 8

🔍 The Hidden Risks of End-of-Life Software

 

The Black Duck report exposes the critical challenges of running outdated open-source software:

  • 90% of codebases contain open-source components over four years old
  • 50% of codebases run software at least 10 versions behind the latest release
  • Critical frameworks like Vue 2, AngularJS, Express.js 3, and Node.js 16 remain widely used despite lacking official support
Read the Report

New Apache NES Products!

 

We’ve expanded our Never-Ending Support lineup to include more critical open-source technologies. Now available:

Apache Struts NES
Apache Solr & Lucene NES
Apache Tapestry NES
Apache Cocoon NES
Apache Camel NES
Apache Spark NES

AngularJS: Still Standing Strong

With 419,000 weekly downloads in 2025 and 7 critical vulnerabilities addressed, your legacy Angular apps aren't going anywhere—and neither are we.

Read the State of AngularJS
Logo-Monochrome-White (1)

Find us on G2

G2Logo-Red
LinkedIn
X
YouTube

HeroDevs, Inc., 8850 S 700 E #2437, Sandy, UT 84070, United States, 1-877-586-1965

Unsubscribe Manage preferences