[Snyk] Security upgrade next from 15.5.6 to 15.5.18

[snyk-io]

Snyk has created this PR to fix 13 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• references/realtime-hooks-test/package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue
	Allocation of Resources Without Limits or Throttling SNYK-JS-NEXT-16638674
	Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NEXT-16638675
	Interpretation Conflict SNYK-JS-NEXT-16638676
	Use of Weak Hash SNYK-JS-NEXT-16638677
	Allocation of Resources Without Limits or Throttling SNYK-JS-NEXT-16638678
	Authentication Bypass Using an Alternate Path or Channel SNYK-JS-NEXT-16638679
	Allocation of Resources Without Limits or Throttling SNYK-JS-NEXT-16638680
	Cross-site Scripting (XSS) SNYK-JS-NEXT-16638681
	Server-side Request Forgery (SSRF) SNYK-JS-NEXT-16638682
	Incorrect Authorization SNYK-JS-NEXT-16638683
	Cross-site Scripting (XSS) SNYK-JS-NEXT-16638684
	Authentication Bypass Using an Alternate Path or Channel SNYK-JS-NEXT-16638685
	Authentication Bypass Using an Alternate Path or Channel SNYK-JS-NEXT-16638686

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling
🦉 Use of Weak Hash
🦉 Cross-site Scripting (XSS)
🦉 More lessons are available in Snyk Learn

---

This change is 

[snyk-io]

This is a patch version upgrade that addresses multiple high-severity security vulnerabilities. No breaking API changes are documented.

Key Changes:

• Security Fixes: Version 15.5.18 is a security release that patches several vulnerabilities, including potential middleware bypass, denial of service (DoS), and cross-site scripting (XSS).

Recommendation:
It is highly recommended to upgrade immediately to ensure your application is protected against these vulnerabilities. The upgrade is not expected to require any code changes for standard applications.

Source: Next.js May 2026 security release

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.