From 9fb89ec3521be89eb4bfe4c36fa603aab04a215f Mon Sep 17 00:00:00 2001
From: Chris Tate <ctate@users.noreply.github.com>
Date: Mon, 8 Dec 2025 17:40:38 -0600
Subject: [PATCH] fix: upgrade Next.js to 15.2.6 (CVE-2025-55182)

This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f67158d372..de375002f8 100644
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
     "gray-matter": "^4.0.2",
     "hast-util-from-html-isomorphic": "^2.0.0",
     "image-size": "2.0.1",
-    "next": "15.2.4",
+    "next": "15.2.6",
     "next-contentlayer2": "0.5.5",
     "next-themes": "^0.4.6",
     "pliny": "0.4.1",