From 6b9deefa89350fab05d59727b36862848886f239 Mon Sep 17 00:00:00 2001
From: Chris Tate <ctate@users.noreply.github.com>
Date: Thu, 11 Dec 2025 17:21:54 -0600
Subject: [PATCH] fix: upgrade Next.js to 15.3.7 (CVE-2025-55182)

This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index be2ba2d..9d0c300 100644
--- a/package.json
+++ b/package.json
@@ -19,7 +19,7 @@
     "clsx": "^2.1.1",
     "jigsawstack": "^0.2.8",
     "lucide-react": "^0.514.0",
-    "next": "15.3.3",
+    "next": "15.3.7",
     "next-themes": "^0.4.6",
     "react": "^19.0.0",
     "react-dom": "^19.0.0",