From 000e337dc344de3c885f0e02d6287752bfa456df Mon Sep 17 00:00:00 2001
From: hailin <hailin.zhao@gdzx.xyz>
Date: Mon, 22 Dec 2025 00:55:03 -0800
Subject: [PATCH] fix(admin-web): lock Next.js to exact version 15.1.11 for
 CVE-2025-55182 fix
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Remove ^ to prevent npm from installing vulnerable 15.5.x versions

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 frontend/admin-web/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/admin-web/package.json b/frontend/admin-web/package.json
index 766a4402..f3804074 100644
--- a/frontend/admin-web/package.json
+++ b/frontend/admin-web/package.json
@@ -19,7 +19,7 @@
     "axios": "^1.7.9",
     "clsx": "^2.1.1",
     "dayjs": "^1.11.13",
-    "next": "^15.1.11",
+    "next": "15.1.11",
     "react": "^18.3.1",
     "react-dom": "^18.3.1",
     "react-redux": "^9.2.0",