Next.js Security Release and Our Next Patch Release
Next.js is formalizing a monthly security release schedule, with the first planned patch targeting July 20, 2026, covering 4 high and 5 medium severity vulnerabilities across Next.js 16.2 and 15.5.
Stay updated with the latest Next.js releases, security patches, and feature updates.
Generate the latest config in seconds with ConfigDeck.
Next.js is formalizing a monthly security release schedule, with the first planned patch targeting July 20, 2026, covering 4 high and 5 medium severity vulnerabilities across Next.js 16.2 and 15.5.
Next.js 16.3 brings major Turbopack improvements focused on memory reduction in dev mode, persistent file system cache for builds, an experimental Rust-based React Compiler, and Vite-compatible import.meta.glob support.
Next.js 16.3 Preview deepens its bet on agent-driven development with auto-managed AGENTS.md, first-party Skills for multi-step workflows, React DevTools introspection in agent-browser, and structured actionable errors designed for both humans and coding agents.
Next.js 16.3 preview introduces 'Instant Navigations' — opt-in behaviors that let server-driven apps respond to link clicks without waiting for a network roundtrip, plus a reworked prefetching model that fetches one reusable shell per route instead of one request per link.