A low-severity vulnerability, CVE-2025-32421, was detected in Next.js versions prior to 14.2.24 and 15.1.6. It is a race condition in the Pages Router that, under certain misconfigurations, causes normal endpoints to serve `pageProps` data instead of standard HTML. To address this issue, upgrade Next.js to version 15.1.6 or 14.2.24. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-32421.
Next.js: Race Condition Causes Leakage of pageProps Instead of HTML in Pages Router
by the Hossted team
16.05.2025
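The following triage helpers are an added example, not code from the advisory or from the Next.js project. They check an installed version against the two fixed releases named above and flag captured responses where a page route returned a `pageProps` JSON body instead of HTML. The function names, the sample data, and the handling of majors below 14 and above 15 are assumptions; `/_next/data/` is the route where Next.js normally serves this JSON.

```javascript
// Added example: triage helpers for CVE-2025-32421 (not Next.js project code).
const FIXED = { 14: [14, 2, 24], 15: [15, 1, 6] }; // fixed releases named in the advisory

// Parse "15.1.3", "v14.2.10", "^14.2.10" or "15.1.6-canary.2".
function parseVersion(raw) {
  const m = /^[\^~v=]*(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(raw).trim());
  if (!m) throw new Error(`unparseable version: ${raw}`);
  return { nums: m.slice(1, 4).map(Number), prerelease: Boolean(m[4]) };
}

// Assumption: 13.x and older have no fixed release listed, so they count as affected;
// majors above 15 are assumed to postdate the fix.
function isAffectedVersion(raw) {
  const { nums, prerelease } = parseVersion(raw);
  if (nums[0] < 14) return true;
  const fixed = FIXED[nums[0]];
  if (!fixed) return false;
  for (let i = 0; i < 3; i++) {
    if (nums[i] !== fixed[i]) return nums[i] < fixed[i];
  }
  return prerelease; // e.g. 15.1.6-canary.2 sorts before 15.1.6
}

// A page route should answer with HTML. Flag a captured response whose body is a JSON
// object with a top-level pageProps key, unless it came from the /_next/data/ route,
// where that JSON is the expected payload.
function servesPagePropsInsteadOfHtml({ path, body }) {
  if (path.startsWith('/_next/data/')) return false;
  try {
    const parsed = JSON.parse(body);
    return parsed !== null && typeof parsed === 'object' && 'pageProps' in parsed;
  } catch {
    return false; // not JSON, e.g. normal HTML
  }
}

// Constructed samples, not real traffic.
const SAMPLES = [
  { path: '/dashboard', body: '<!DOCTYPE html><html><body>ok</body></html>' },
  { path: '/dashboard', body: '{"pageProps":{"user":"alice"}}' },
  { path: '/_next/data/build123/dashboard.json', body: '{"pageProps":{"user":"alice"}}' },
];

function flaggedPaths(samples) {
  return samples.filter(servesPagePropsInsteadOfHtml).map((s) => s.path);
}

console.log(flaggedPaths(SAMPLES));
```

Run the version check against the resolved version in the lockfile rather than the range in package.json, since a range such as `^15.0.4` may already resolve to a fixed release.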