I've upgraded Next.js from 15.2.4 to 15.2.8.
An error occurred during deployment. Please fix:
Running build in Washington, D.C., USA (East) – iad1
Build machine configuration: 2 cores, 8 GB
Retrieving list of deployment files...
Previous build caches not available.
Downloading 83 deployment files...
...
Traced Next.js server files in: 68.465ms
Created all serverless functions in: 109.55ms
Collected static files (public/, static/, .next/static): 5.492ms
Build Completed in /vercel/output [24s]
Error: Vulnerable version of Next.js detected, please update immediately. Learn More: https://vercel.link/CVE-2025-66478
The deployment failed because Next.js 15.2.8 is a vulnerable version. According to the React2Shell security bulletin, the patched version for Next.js 15.2.x is 15.2.6. Let me update the package.json to use the secure version.
I've updated Next.js to version 15.2.6, which is the patched version that addresses the React2Shell vulnerability (CVE-2025-66478). The version you requested (15.2.8) is actually vulnerable according to the security bulletin - only 15.2.6 contains the security fix for the 15.2.x branch. Your deployment should now succeed.