$ ./vuln-check

⚠ This application is vulnerable to CVE-2025-66478.

Report platform protection bypasses via Vercel's HackerOne program.

$ node --version

v24.13.0

$ next --version

16.0.6

$ cat package.json | jq .dependencies

{
  "next": "16.0.6",
  "react": "19.2.1",
  "react-dom": "19.2.1",
  "@tailwindcss/postcss": "^4",
  "@types/node": "^20",
  "@types/react": "^19",
  "@types/react-dom": "^19",
  "eslint": "^9",
  "eslint-config-next": "16.0.7",
  "tailwindcss": "^4",
  "typescript": "^5"
}

🚩 Submit the value of the VERCEL_PLATFORM_PROTECTION environment variable to HackerOne.

$ ./say-hello