From b163ad377a3981c368630aa261cd8c619257b0d6 Mon Sep 17 00:00:00 2001
From: Chris Tate <ctate@users.noreply.github.com>
Date: Tue, 9 Dec 2025 15:44:19 -0600
Subject: [PATCH] fix: upgrade Next.js to 15.5.7 (CVE-2025-55182)

This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index cd960b6..6f692fa 100644
--- a/package.json
+++ b/package.json
@@ -11,7 +11,7 @@
     "@magic-ext/webauthn": "^0.1.0",
     "autoprefixer": "^10.0.4",
     "magic-sdk": "^4.2.1",
-    "next": "latest",
+    "next": "15.5.7",
     "postcss": "^8.1.10",
     "react": "^17.0.1",
     "react-dom": "^17.0.1",