Skip to content

Changelog

New updates and improvements at Cloudflare.

All products
hero image
  1. Starting today, everyone can opt in to a refreshed DNS records page in the Cloudflare dashboard. Over the coming weeks, the new experience will become the default for Free plan users first, followed by paid plans.

    New DNS records UX

    What is new

    • Better table experience: resizable and hideable columns, row pinning, advanced filters with logical operators (AND/OR), configurable pagination, and expanded input fields so long values are no longer cut off.
    • First-class mobile experience: responsive layout with a touch-friendly, card-based UI and compact controls for small screens.
    • DNS quick reference: bite-sized explainers for DNS, proxy status, and TTL, available directly in the product to help users configure records without leaving the page.
    • Modern frontend: a refactor onto Cloudflare's new UI framework that improves performance and lays the foundation for future improvements.
    New DNS records UX

    Rollout plan

    Dates are subject to change based on feedback received during the rollout.

    • 20 May - 05 June: ramped rollout to Free, then Pro and Business plans.
    • 08 June - 03 July: ramped rollout to Enterprise plans.

    Share your feedback

    Once the new experience is turned on for your account, look for the feedback link at the top of the DNS records page in the Cloudflare dashboard and let us know what you think. Your input helps us prioritize the next round of improvements.

  1. Radar now includes two new charts on the traffic page that provide deeper insights into the composition of HTTP traffic: a content type distribution chart and an API traffic share chart.

    Content type distribution

    The new Content type chart displays the distribution of HTTP response content types, grouped into high-level categories. A traffic type selector allows filtering by human, bot, or all traffic. The existing Bot vs. Human chart also gained a content type category filter, allowing users to see the bot/human split for specific content categories.

    Screenshot of the content type distribution chart on the Radar traffic page

    Content type categories:

    • HTML — Web pages (text/html)
    • Images — All image formats (image/*)
    • JSON — JSON data and API responses (application/json, *+json)
    • JavaScript — Scripts (application/javascript, text/javascript)
    • CSS — Stylesheets (text/css)
    • Plain Text — Unformatted text (text/plain)
    • Fonts — Web fonts (font/*, application/font-*)
    • XML — XML documents and feeds (text/xml, application/xml, application/rss+xml, application/atom+xml)
    • YAML — Configuration files (text/yaml, application/yaml)
    • Video — Video content and streaming (video/*, application/ogg, *mpegurl)
    • Audio — Audio content (audio/*)
    • Markdown — Markdown documents (text/markdown)
    • Documents — PDFs, Office documents, ePub, CSV (application/pdf, application/msword, text/csv)
    • Binary — Executables, archives, WebAssembly (application/octet-stream, application/zip, application/wasm)
    • Serialization — Binary API formats (application/protobuf, application/grpc, application/msgpack)
    • Other — All other content types

    The CONTENT_TYPE dimension and contentType filter are available on the HTTP summary, timeseries groups, and timeseries endpoints.

    API traffic share

    The new API traffic chart shows the percentage of dynamic (non-cacheable) HTTP request traffic that is API-related. API traffic is identified by JSON or XML response content types (application/json, application/xml, text/xml) on HTTP requests that returned a 200 status code. A traffic type selector allows switching between human traffic, bot traffic, or all traffic.

    Screenshot of the API traffic share chart on the Radar traffic page

    The API_TRAFFIC dimension is available on the existing HTTP summary and timeseries groups endpoints. An apiTraffic filter (API or NON_API) can also be applied to HTTP timeseries requests to retrieve raw request counts for API-only or non-API traffic.

    Visit the Radar traffic page to explore these new charts.

  1. Key Findings

    • Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

    Continuous Rule Improvements

    We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/ASitecore - Cache Poisoning - CVE:CVE-2025-53693 BetaN/ABlock

    This rule is merged into the original rule "Sitecore - Cache Poisoning - CVE:CVE-2025-53693" (ID: ).

  1. Cloudflare Access now supports using Cloudflare itself as an identity provider. If you publish an Access application and select Cloudflare as the login method, users can sign in with their existing Cloudflare account — no one-time PINs, no third-party IdP configuration, and no shared email inboxes. Authentication is backed by Cloudflare's own account security (including multi-factor authentication), making it both simpler to set up and more secure than OTP-based login for most use cases.

    Cloudflare is now the default identity provider for all newly created Zero Trust accounts, replacing One-time PIN.

    This also enables two new capabilities:

    • Cloudflare Account Member selector — A new policy selector that matches users based on their membership in a Cloudflare account. You can target the current account or specify a different account ID for cross-account access scenarios.
    • Restrict to account members — An identity provider configuration option that limits authentication to users who are members of your Cloudflare account.

    To get started, add Cloudflare as an identity provider in your Zero Trust settings.

  1. You can now receive event notifications for Artifacts repository changes and consume them from a Worker to build commit-driven automation.

    This allows you to:

    • Run custom workflows when a repository is created or imported
    • Kick off a build and deploy a change when an agent pushes to a repo
    • Trigger a review agent on every push

    Available events include:

    • Account-level events (artifacts source) — repo.created, repo.deleted, repo.forked, repo.imported
    • Repository-level events (artifacts.repo source) — pushed, cloned, fetched

    To learn more, refer to Artifacts documentation.

  1. Radar now includes an MRT Explorer tool in the Routing section. Route collectors like RIPE RIS and RouteViews publish MRT (Multi-Threaded Routing Toolkit) dump files containing BGP announcements, withdrawals, and route attributes. The new tool parses these files entirely in the browser — nothing gets uploaded.

    Loading a file

    Paste a URL to fetch an MRT file remotely, drag and drop one onto the page, or browse for a local file. Gzip and bzip2 compressed files are supported. A sample file is also available to get started right away.

    Screenshot of the MRT Explorer file input form

    Inspecting events

    Once parsed, the tool lists every BGP event with its timestamp, prefix, AS path, OTC (Only to Customer), and community attributes.

    Screenshot of the MRT Explorer event list

    Event details

    Clicking on the "View details" action opens a modal with additional properties and the full event JSON.

    Screenshot of the MRT Explorer event details modal

    Shareable URLs

    When loading a file by URL, the query string captures the source so the link can be shared directly — the recipient's browser immediately fetches and parses the same file.

    Try the MRT Explorer on Cloudflare Radar.

  1. You can now manage Artifacts namespaces, repos, and repo-scoped tokens directly from Wrangler CLI.

    Available commands:

    • wrangler artifacts namespaces list — List Artifacts namespaces in your account.
    • wrangler artifacts namespaces get — Get metadata for a namespace.
    • wrangler artifacts repos create — Create a repo in a namespace.
    • wrangler artifacts repos list — List repos in a namespace.
    • wrangler artifacts repos get — Get metadata for a repo.
    • wrangler artifacts repos delete — Delete a repo.
    • wrangler artifacts repos issue-token — Issue a repo-scoped token for Git access.

    To get started, refer to the Wrangler Artifacts commands documentation.

  1. You can now share local dev sessions through Cloudflare Tunnel and get a public URL when using either Wrangler or the Cloudflare Vite plugin. This is useful when you need to share a preview, test a webhook, or access your app from another device.

    Vite local dev tunnel demo

    This lets you either:

    To start a tunnel, press t in Wrangler or t + Enter in Vite while your dev server is running. For details on setting up a named tunnel, refer to Share a local dev server.

  1. R2 SQL is Cloudflare's serverless, distributed SQL engine for querying Apache Iceberg tables stored in R2 Data Catalog. R2 SQL runs directly on Cloudflare's global network with no infrastructure to manage, so you can analyze data in R2 without exporting it to an external warehouse.

    R2 SQL now supports joining multiple Iceberg tables in a single query. You can combine tables with JOINs, filter with subqueries, and define multi-table CTEs to build complex analytical queries.

    New capabilities

    • JOINsINNER JOIN, LEFT JOIN, RIGHT JOIN, FULL OUTER JOIN, CROSS JOIN, and implicit joins (comma-separated FROM with conditions in WHERE)
    • SubqueriesIN / NOT IN, EXISTS / NOT EXISTS, scalar subqueries in SELECT / WHERE / HAVING, and derived tables (subqueries in FROM)
    • Multi-table CTEsWITH clauses can reference different tables and include JOINs
    • Self-joins — join a table with itself using different aliases
    • Multi-way joins — join three or more tables in a single query

    Examples

    Two-table JOIN with aggregation

    SELECT z.domain, z.plan, COUNT(*) AS request_count
    FROM my_namespace.zones z
    INNER JOIN my_namespace.http_requests h ON z.zone_id = h.zone_id
    WHERE z.plan = 'enterprise'
    GROUP BY z.domain, z.plan
    ORDER BY request_count DESC
    LIMIT 20

    EXISTS subquery

    SELECT z.domain, z.plan
    FROM my_namespace.zones z
    WHERE EXISTS (
    SELECT 1 FROM my_namespace.firewall_events f
    WHERE f.zone_id = z.zone_id AND f.action = 'block'
    )
    ORDER BY z.domain
    LIMIT 20

    Multi-table CTE with JOIN

    WITH top_zones AS (
    SELECT zone_id, COUNT(*) AS req_count
    FROM my_namespace.http_requests
    GROUP BY zone_id
    ORDER BY req_count DESC
    LIMIT 50
    ),
    zone_threats AS (
    SELECT zone_id, COUNT(*) AS threat_count
    FROM my_namespace.firewall_events
    WHERE risk_score > 0.5
    GROUP BY zone_id
    )
    SELECT tz.zone_id, tz.req_count, COALESCE(zt.threat_count, 0) AS threat_count
    FROM top_zones tz
    LEFT JOIN zone_threats zt ON tz.zone_id = zt.zone_id
    ORDER BY tz.req_count DESC
    LIMIT 20

    For the full syntax reference, refer to the SQL reference. For performance guidance with joins, refer to Limitations and best practices.

  1. This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewrite module's is_args stale-state bug (CVE-2026-42945).

    Key Findings

    CVE-2026-42945: nginx Heap Buffer Overflow via Stale is_args in Rewrite Module

    Successful exploitation allows remote attackers to trigger a heap buffer overflow in nginx's rewrite module by sending crafted URIs containing escapable characters. A length/copy pass mismatch in ngx_http_script_copy_capture_code() causes the copy pass to write escaped data into an undersized buffer, leading to heap corruption. This enables denial of service (worker process crash) and, with heap feng shui techniques, potential remote code execution.

    We strongly recommend upgrading to nginx 1.30.1 (or later) immediately to address the underlying vulnerability. If you cannot upgrade immediately, avoid rewrite directives with ? in the replacement string followed by set or if referencing capture groups.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/Anginx - Remote Code Execution - Buffer Overread - CVE:CVE-2026-42945N/ABlock

    This is a new detection.

    Cloudflare Managed Ruleset N/Anginx - Remote Code Execution - Heap Spray - CVE:CVE-2026-42945N/ABlock

    This is a new detection.

  1. In your Worker's dashboard, there is now a dedicated Domains tab where you can purchase a new domain through Cloudflare Registrar and have it automatically connected, add an existing domain, and manage all of your Worker's routing in one place.

    The new Domains tab in the Workers dashboard

    You can also enable or disable your workers.dev subdomain and Preview URLs, put them behind Cloudflare Access to require sign-in, and jump directly to analytics or domain overview for any connected domain.

    To get started, go to Workers & Pages, select a Worker, and open the Domains tab.

    Go to Workers & Pages
  1. The latest release of the Agents SDK brings more reliable chat recovery, fixes Agent state synchronization during reconnects, adds durable submissions for Think, exposes routing retry configuration, and adds connection control for Voice agents.

    Chat recovery improvements

    @cloudflare/ai-chat now keeps server turns running when a browser or client stream is interrupted. This is useful for long-running AI responses where users refresh the page, close a tab, or temporarily lose connection. Calling stop() still cancels the server turn.

    Set cancelOnClientAbort: true if browser or client aborts should also cancel the server turn:

    JavaScript
    const chat = useAgentChat({
    agent: "assistant",
    name: "user-123",
    cancelOnClientAbort: true,
    });

    Notable bug fixes:

    • Chat stream resume negotiation no longer throws when replay races with a closed WebSocket connection.
    • Recovered chat continuations no longer leave useAgentChat stuck in a streaming state when the original socket disconnects before a terminal response.
    • Approval auto-continuation preserves reasoning parts and persists continuation reasoning in the final message.
    • isServerStreaming now resets correctly when a resumed stream moves from the fallback observer path to a transport-owned stream.

    Agent state and routing fixes

    agents@0.12.4 prevents duplicate initial state frames during WebSocket connection setup. This avoids stale initial state messages overwriting state updates already sent by the client.

    Agent recovery is also more reliable when tool calls span a Durable Object restart. Recovery now defers user finish hooks until after agent startup and isolates hook failures, so one failed hook does not block other recovered runs from finalizing.

    getAgentByName() now supports routingRetry for transient Durable Object routing failures:

    JavaScript
    import { getAgentByName } from "agents";
    const agent = await getAgentByName(env.AssistantAgent, "user-123", {
    routingRetry: {
    maxAttempts: 3,
    },
    });

    Durable Think submissions

    @cloudflare/think now supports durable programmatic submissions. submitMessages() provides durable acceptance, idempotent retries, status inspection, cancellation, and cleanup for server-driven turns that should continue after the caller returns.

    Think.chat() RPC turns now run inside chat recovery fibers and persist their stream chunks. Interrupted sub-agent turns can recover partial output instead of starting over.

    ChatOptions.tools has been removed from the TypeScript API. Define durable tools on the child agent or use agent tools for orchestration. Runtime options.tools values passed by legacy callers are ignored with a warning.

    Think message pruning behavior change

    @cloudflare/think no longer applies pruneMessages({ toolCalls: "before-last-2-messages" }) to model context by default. The previous default could strip client-side tool results from longer multi-turn flows.

    truncateOlderMessages still runs as before, so context cost remains bounded. Subclasses that relied on the old aggressive pruning can opt back in from beforeTurn:

    JavaScript
    import { Think } from "@cloudflare/think";
    import { pruneMessages } from "ai";
    export class MyAgent extends Think {
    beforeTurn(ctx) {
    return {
    messages: pruneMessages({
    messages: ctx.messages,
    toolCalls: "before-last-2-messages",
    }),
    };
    }
    }

    Voice agent connection control

    @cloudflare/voice adds an enabled option to useVoiceAgent. React apps can now delay creating and connecting a VoiceClient until prerequisites such as capability tokens are ready.

    JavaScript
    const voice = useVoiceAgent({
    agent: "MyVoiceAgent",
    enabled: Boolean(token),
    });

    This release also fixes Workers AI speech-to-text session edge cases and withVoice text streaming from AI SDK textStream responses.

    Other improvements

    • Streamable HTTP routing — Server-to-client requests now route through the originating POST stream when no standalone SSE stream is available.
    • Structured tool output — Tool output shapes are preserved when truncating older messages or oversized persisted rows.
    • Non-chat Think tool steps — Think agent-tool children can complete without emitting assistant text and can return structured output through getAgentToolOutput.
    • Sub-agent schedules — Stale sub-agent schedule rows are pruned when their owning facet registry entry no longer exists.
    • @cloudflare/codemode — Adds a browser-safe export with an iframe sandbox executor and resolves OpenAPI specs inside the sandbox to avoid Worker Loader RPC size limits.

    Upgrade

    To update to the latest version:

    Terminal window
    npm i agents@latest @cloudflare/ai-chat@latest @cloudflare/think@latest @cloudflare/voice@latest

    Refer to the Agents API reference and Chat agents documentation for more information.

  1. Cloudflare has updated Logpush datasets:

    New datasets

    • Email Security Post-Delivery Events: A new dataset with fields including AlertID, CompletedAt, Destination, FinalDisposition, Folder, From, FromName, MessageID, MessageTimestamp, MicrosoftTenantID, Operation, PostfixID, Reasons, Recipient, RequestedAt, RequestedBy, RequestedDisposition, Status, Subject, Success, and To.
    • Magic Network Monitoring Flow Logs: A new dataset with fields including AWSVPCFlowJSON, Bits, DestinationAS, DestinationAddress, DestinationPort, DeviceID, EgressBits, EgressPackets, Ethertype, FlowProtocol, FlowTimestamp, NumFlows, PacketID, Packets, Protocol, RuleIDs, SampleRate, SampleRateType, SamplerAddress, SourceAS, SourceAddress, SourcePort, TcpFlags, and Timestamp.

    Updated fields in existing datasets

    • Firewall events (added): AISecurityInjectionScore, AISecurityPIICategories, AISecurityTokenCount, and AISecurityUnsafeTopicCategories.
    • HTTP requests (added): AISecurityInjectionScore, AISecurityPIICategories, AISecurityTokenCount, AISecurityUnsafeTopicCategories, and Subrequests.

    For the complete field definitions for each dataset, refer to Logpush datasets.

  1. The /cdn-cgi/rum beacon endpoint now returns 405 Method Not Allowed for non-POST requests instead of 404 Not Found. The response includes an Allow: POST, OPTIONS header per RFC 9110 §15.5.6.

    Previously, sending a GET or other non-POST request to this endpoint returned a 404, which was misleading because it suggested the endpoint did not exist. The new 405 response clearly indicates that the endpoint exists but only accepts POST requests.

    The Web Analytics beacon (beacon.min.js) already uses POST for all metric submissions, so this change does not affect normal beacon operation. OPTIONS requests for CORS preflight continue to work as before.

    For more information, refer to the Web Analytics FAQ.

  1. The Access login page and one-time password (OTP) page now feature a refreshed design that improves visual consistency, user trust, and mobile responsiveness.

    Before:

    Screenshot of the previous Access login page

    After:

    Screenshot of the updated Access login page

    The updated login experience includes:

    • Unified authentication card - All sign-in options (identity provider buttons, email input, OTP) now appear in a single card with consistent styling, replacing the previous multi-section layout.
    • Consistent button styling - Identity provider buttons use a uniform size and layout for easier scanning and selection.
    • Better mobile experience - Responsive layout improvements ensure the login page renders correctly on phones and tablets.
    • Dark mode support - The login page now supports dark mode.
  1. SSH through Wrangler is now enabled by default for Containers. Previously, you had to set ssh.enabled to true in your Container configuration before you could connect.

    This change does not expose any publicly accessible ports on your Container. The SSH service is reachable only through wrangler containers ssh, which authenticates against your Cloudflare account. You also need to add an ssh-ed25519 public key to authorized_keys before anyone can connect, so enabling SSH alone does not grant access.

    To connect, add a public key to your Container configuration and run wrangler containers ssh <INSTANCE_ID>:

    JSONC
    {
    "containers": [
    {
    "authorized_keys": [
    {
    "name": "<NAME>",
    "public_key": "<YOUR_PUBLIC_KEY_HERE>",
    },
    ],
    },
    ],
    }

    To disable SSH, set ssh.enabled to false in your Container configuration:

    JSONC
    {
    "containers": [
    {
    "ssh": {
    "enabled": false,
    },
    },
    ],
    }

    For more information, refer to the SSH documentation.

  1. Cloudflare Gateway now supports natural language policy creation for DNS, HTTP, and Network firewall policies. Administrators can describe the outcome they want in plain language, and Cloudflare will generate a complete policy rule that populates the policy builder form.

    Create with AI button on the Gateway firewall policies page

    To create a policy with natural language, select Create with AI on any Gateway firewall policy tab. Choose a policy type, describe what the policy should do, and a fully configured rule will appear in the policy builder for review. You can edit any field before saving, or re-generate with a different prompt.

    The generated policy incorporates your account context - including lists, DLP profiles, applications, and device posture checks - so that references to your existing resources resolve automatically.

    A built-in feedback mechanism allows you to rate each generated policy and provide optional comments, which Cloudflare uses to improve output quality over time.

    For more information, refer to Gateway firewall policies.

  1. R2 Data Catalog is a managed Apache Iceberg data catalog built directly into your R2 bucket that allows you to connect query engines like R2 SQL, Spark, Snowflake, and DuckDB to your data in R2.

    You can now query analytics for your R2 Data Catalog warehouses via Cloudflare's GraphQL Analytics API. Two new datasets are available:

    • r2CatalogDataOperationsAdaptiveGroups tracks Iceberg REST API requests made to your catalog, including operation type, request duration, HTTP status, and request body bytes. Use this to monitor request volume and latency across warehouses, namespaces, and tables.
    • r2CatalogTableMaintenanceAdaptiveGroups tracks table maintenance jobs such as compaction and snapshot expiration. Use this to monitor job success rates, files processed, bytes read and written, and job duration.

    Both datasets support filtering by warehouse name, namespace, table name, and time range. They also include percentile aggregations for duration metrics.

    For detailed schema information and example queries, refer to the R2 Data Catalog metrics and analytics documentation.

  1. A new GA release for the Windows Cloudflare One Client is now available on the stable releases downloads page.

    This release introduces the new Cloudflare One Client UI for Windows! You can expect a cleaner and more intuitive design as well as easier access to common actions and information. Here are some of the many things we have found our users appreciate:

    • Right click context menu to access the most common client actions quickly
    • Built-in captive portal login experience

    Additional Changes and improvements

    • Added a new CLI command: warp-cli mdm refresh. This command executes an immediate refresh of the Mobile Device Management (MDM) configuration file.

    Known issues

    • Registration authentication for devices via the integrated WebView2 browser is unavailable in this version as a temporary measure. As a result, the client will utilize the default browser on the device to complete the authentication process.
    • An error indicating that Microsoft Edge can't read and write to its data directory may be displayed during captive portal login; this error is benign and can be dismissed.
    • Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed.
    • Split tunnel list configuration is not available in the new UI. Management of Split Tunnel entries is currently only possible via warp-cli tunnel ip and warp-cli tunnel host. UI support will be added in a future release.
    • Windows ARM may prompt the user to close running applications while trying to install this version. Simply click “Ok” with the default highlighted option.
    • DNS resolution may be broken when the following conditions are all true:
      • The client is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
      • A custom DNS server address is configured on the primary network adapter.
      • The custom DNS server address on the primary network adapter is changed while the client is connected.
        To work around this issue, please reconnect the client by selecting "disconnect" and then "connect" in the client user interface.
  1. A new GA release for the macOS Cloudflare One Client is now available on the stable releases downloads page.

    This release introduces the new Cloudflare One Client UI for macOS! You can expect a cleaner and more intuitive design as well as easier access to common actions and information. Here are some of the many things we have found our users appreciate:

    • Right click context menu to access the most common client actions quickly
    • Built-in captive portal login experience

    Additional Changes and improvements

    • Added a new CLI command: warp-cli mdm refresh. This command executes an immediate refresh of the Mobile Device Management (MDM) configuration file.

    Known issues

    • Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed.
    • Split tunnel list configuration is not available in the new UI. Management of split tunnel entries is currently only possible via warp-cli tunnel ip and warp-cli tunnel host. UI support will be added in a future release.
  1. A new GA release for the Linux Cloudflare One Client is now available on the stable releases downloads page.

    This release introduces the new Cloudflare One Client UI for Linux! You can expect a cleaner and more intuitive design as well as easier access to common actions and information. Here are some of the many things we have found our users appreciate:

    • Right click context menu to access the most common client actions quickly
    • Built-in captive portal login experience

    Changes and improvements

    • Added a new CLI command: warp-cli mdm refresh. This command executes an immediate refresh of the Mobile Device Management (MDM) configuration file.
    • Official support for RHEL 9 has been added for Cloudflare Mesh nodes. To install the RHEL 9 package, the Extra Packages for Enterprise Linux (EPEL) repository must be active, as it contains dependencies required for the tray icon and captive portal webview.

    Known issues

    • Registration may hang at "Checking your organization configuration" due to IPC errors. A system reboot should resolve the error, allowing registration to proceed.
    • Split tunnel list configuration is not available in the new UI. Management of split tunnel entries is currently only possible via warp-cli tunnel ip and warp-cli tunnel host. UI support will be added in a future release.
  1. Cloudflare IPsec now supports the standard NAT traversal (NAT-T) flow, where IKE begins on UDP port 500 and switches to UDP port 4500 after NAT is detected.

    Previously, devices behind NAT had to be configured to initiate IKE on UDP port 4500 directly. Devices that started on UDP port 500 could not complete the IKE handshake when NAT was in the path. This required custom configuration on devices such as VeloCloud SD-WAN edges, Cisco IOS-XE routers, and Juniper SRX firewalls, and was not possible on every platform.

    What changed:

    • Devices behind NAT can now initiate IKE on either UDP port 500 or UDP port 4500.
    • Devices that start IKE on UDP port 500 and switch to UDP port 4500 after NAT detection now complete the handshake successfully.
    • No configuration change is required on Cloudflare. The change is available for all IPsec tunnels on Cloudflare WAN and Magic Transit.

    This change does not affect existing tunnels:

    • Tunnels using UDP port 500 with no NAT detected continue to operate as before.
    • Tunnels configured to start IKE on UDP port 4500 continue to operate as before.
    • NAT detection logic is unchanged.

    For configuration details, refer to GRE and IPsec tunnels.

  1. Key Findings

    • Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

    Continuous Rule Improvements

    We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/ARemote Code Execution - Java Deserialization - Body - BetaBlockDisabled

    This is a new detection. This rule is merged into the original rule "Remote Code Execution - Java Deserialization" (ID: ).

  1. Announcement DateRelease DateRelease BehaviorLegacy Rule IDRule IDDescriptionComments
    2026-05-112026-05-18DisabledN/A Sitecore - Cache Poisoning - CVE:CVE-2025-53693

    This is a new detection. This rule will be merged into the original rule "Remote Code Execution - Java Deserialization" (ID: )

  1. We are refreshing the Workers AI model catalog to make room for newer releases. Please update your apps to remove references to the models listed below before the deprecation date.

    For pricing, refer to the Workers AI pricing page.

    Kimi K2.5

    We originally stated Kimi K2.5 would be deprecated on May 10, 2026, however we have extended the deprecation date to May 30, 2026. Requests will be automatically aliased to Kimi K2.6 on May 30, 2026, which has a higher price. Please review the @cf/moonshotai/kimi-k2.6 pricing and model capabilities prior to May 30, 2026 to ensure that the model suits your needs.

    Models deprecated on May 30, 2026

    • @cf/moonshotai/kimi-k2.5 --> @cf/moonshotai/kimi-k2.6
    • @hf/meta-llama/meta-llama-3-8b-instruct
    • @cf/meta/llama-3-8b-instruct
    • @cf/meta/llama-3-8b-instruct-awq
    • @cf/meta/llama-3.1-8b-instruct
    • @cf/meta/llama-3.1-8b-instruct-awq
    • @cf/meta/llama-3.1-70b-instruct
    • @cf/meta/llama-2-7b-chat-int8
    • @cf/meta/llama-2-7b-chat-fp16
    • @cf/mistral/mistral-7b-instruct-v0.1
    • @hf/mistral/mistral-7b-instruct-v0.2
    • @hf/google/gemma-7b-it
    • @cf/google/gemma-3-12b-it
    • @hf/nousresearch/hermes-2-pro-mistral-7b
    • @cf/microsoft/phi-2
    • @cf/defog/sqlcoder-7b-2
    • @cf/unum/uform-gen2-qwen-500m
    • @cf/facebook/bart-large-cnn

    Variants that remain active

    The -fast and -lora variants of models will remain active, including:

    • @cf/meta/llama-3.3-70b-instruct-fp8-fast
    • @cf/meta/llama-3.1-8b-instruct-fast
    • @cf/google/gemma-7b-it-lora
    • @cf/google/gemma-2b-it-lora
    • @cf/mistral/mistral-7b-instruct-v0.2-lora
    • @cf/meta-llama/llama-2-7b-chat-hf-lora

    LoRA models may be deprecated in the future. We will be adding more LoRA capabilities to the catalog, and will communicate when new LoRA models come online to give users time to train new LoRAs before we deprecate old ones.

    For the full list of available models, refer to the Workers AI model catalog.