Skip to content

Changelog

New updates and improvements at Cloudflare.

Application security
hero image
  1. Announcement DateRelease DateRelease BehaviorLegacy Rule IDRule IDDescriptionComments
    2026-07-062026-07-13LogN/A Citrix Netscaler ADC - Insufficient Input Validation - CVE:CVE-2026-8451

    This is a new detection.

    2026-07-062026-07-13LogN/A Progress Kemp LoadMaster - Remote Code Execution - CVE:CVE-2026-8037

    This is a new detection.

  1. Not all AI traffic is the same. Now, all customers — including those on the Free plan — can manage AI crawlers based on what they actually do on your site. Cloudflare groups AI traffic into three behaviors you can control independently: Search, Agent, and Training. This lets you keep the automated traffic that sends readers and revenue back to you, while blocking the traffic that only takes from your content.

    Each behavior maps to a real use case. Search covers crawlers that index your content so they can answer questions about it later, where you should expect referral traffic or other equitable compensation in return. Agent covers automated activity acting in real time on a person's behalf, such as chat fetch bots and browser-use agents. Training covers crawlers that take your content to train or fine-tune a model. For each preset you can choose to block on all pages, block only on pages that display ads, or choose not to block.

    The Configure AI bot traffic policies screen, where Search, Agent, and Training can each be set to allow, block, or block only on pages with ads

    Starting September 15, 2026, new domains onboarding to Cloudflare receive updated defaults: Bots classified as Training or as Agent are blocked on pages that display ads, while Search remains allowed. On that date, multi-purpose crawlers that combine Search and Training will be affected by the new defaults to block Training. All customers can opt out of the new defaults at any time before September 15.

  1. With Content Independence Day 2026, Enterprise Bot Management customers get two new tools that make bot traffic far easier to see and reason about: BotBase, a searchable directory of every bot Cloudflare tracks, and Attribution Business Insights, a dashboard that shows how much value each crawler sends back to your business.

    BotBase is Cloudflare's directory of all known bots and agents, available directly in the dashboard. It shows how Cloudflare classifies each bot by behavior — Search, Agent, Training, and other categories such as Transact, Data Collection, SEO, and Ads Verification — so you can understand why a given crawler is visiting you. You can search and filter the full catalogue, filter your own traffic down to a single bot to investigate its activity on your zone, and copy any bot's detection ID to target it precisely in Security rules. Every tracked bot in BotBase is also published in Cloudflare Radar's bots and agents directory.

    Attribution Business Insights is built for content owners and business decision-makers who want to know which bots help or harm their business, without reading rule syntax. The dashboard reports crawl-to-referral ratios both site-wide and per bot operator — comparing how often a company crawls your content against how many visitors it actually refers back — over the last 24 hours, 7 days, or 30 days. Each operator is labeled with Cloudflare's updated classification and an action status of Allowed, Blocked, or Partially blocked, giving stakeholders a shared, at-a-glance view of the AI traffic reaching your site.

    The Attribution Business Insights dashboard, showing bot traffic, content page requests, crawl-to-referral ratio, and a per-operator bot activity table
  1. This release adds targeted coverage for a path traversal flaw in Fortinet FortiSandbox (CVE-2026-39813) and transitions the Anomaly:Header:User-Agent - Fake Bing or MSN Bot rule action from Block to Disabled.

    Key Findings

    • CVE-2026-39813: A path traversal vulnerability in Fortinet FortiSandbox allows remote, unauthenticated attackers to read arbitrary files from the underlying filesystem due to insufficient validation of user-supplied input paths.
    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/AFortinet FortiSandbox - Path Traversal - CVE:CVE-2026-39813LogBlock

    This is a new detection.

    Cloudflare Managed Ruleset N/AAnomaly:Header:User-Agent - Fake Bing or MSN BotEnabledDisabled

    We are changing the action for this rule from BLOCK to Disabled

  1. Regional Services now supports Regionalized IP Bindings, letting you regionalize traffic at the IP layer for prefixes you bring to Cloudflare through Bring Your Own IP (BYOIP).

    Where Regional Hostnames regionalize traffic by hostname, Regionalized IP Bindings let you bind a CIDR from one of your prefixes to a region — ideal for address-map deployments and any service you address by IP rather than hostname. Cloudflare then terminates TLS and processes traffic to those addresses only within the data centers in that region.

    Regionalized IP Bindings requires the Regional Services and Regional Services for BYOIP entitlements. Contact your account team to enable them.

    To get started, refer to Regionalized IP Bindings.

  1. This week's release introduces new managed protection to address a critical pre-authentication OS command injection vulnerability in Ivanti Sentry (CVE-2026-10520).

    Key Findings

    • CVE-2026-10520: An OS command injection vulnerability in Ivanti Sentry allows remote, unauthenticated attackers to execute arbitrary system commands with root privileges. The flaw stems from improper sanitization of input strings parsed during internal configuration handling.
    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/AIvanti Sentry - Command Injection - CVE:CVE-2026-10520LogBlock

    This is a new detection.

  1. The Routes page in the Cloudflare dashboard now shows the routes across all of your connectors — Cloudflare Mesh and Cloudflare Tunnel routes alongside Cloudflare WAN and Magic Transit static routes — in a single table, instead of a separate routes view per product.

    The unified Routes page in the Cloudflare dashboard, showing routes across connectors in a single table

    From the unified Routes page you can:

    • Visualize your network with an interactive map that shows how your destinations flow through to your connectors — including equal-cost multi-path (ECMP) routes where the same prefix is served by several connectors. Select a node to filter the table down to the routes behind it.
    • See every route in one table, with its destination, type, connector, priority, and source, and filter or sort to find what you need.
    • Create, edit, and delete routes of any supported type without leaving the page. When adding a Cloudflare WAN or Magic Transit static route, you now pick the next hop by connector name instead of typing its IP.
    • Manage virtual networks from a dedicated tab.
    • Test a route to see which connector and next hop a destination resolves to before you commit a change.

    To find it, go to Networking > Routes in the dashboard sidebar.

    Go to Routes

    Your existing routes, APIs, and configurations are unchanged — this is a dashboard experience that brings them together in one place. Learn how to add routes and manage virtual networks.

  1. Cloudflare now accepts ML-DSA (FIPS 204) post-quantum certificates on the connection between Cloudflare's edge and your origin server. Combined with our existing X25519MLKEM768 key agreement, this lets you establish end-to-end post-quantum authentication on the Cloudflare-to-origin connection.

    ML-DSA is supported in two origin-facing features:

    Refer to Post-quantum signatures for certificate generation and setup guidance, and to PQC in Cloudflare products for the current post-quantum deployment status across Cloudflare.

  1. You can now match incoming requests against Cloudforce One threat intelligence in your WAF rules. A new detection looks up the client IP address of each request against the threat intelligence database. If the IP was involved in threat activity in the past seven days, Cloudflare populates cf.intel.ip.* fields that you can use in custom rules and rate limiting rules.

    The detection populates the following fields. Use the any() function with the [*] wildcard to match array values:

    • cf.intel.ip.datasets — the dataset that flagged the IP address (ddos or waf).
    • cf.intel.ip.target_industries — industries the IP address has targeted.
    • cf.intel.ip.attacker_names — known threat actors associated with the IP address.
    • cf.intel.ip.attacker_countries — source countries of the threat activity.
    • cf.intel.ip.target_countries — countries the IP address has targeted.

    For example, the following custom rule expression blocks requests from IP addresses associated with DDoS activity that have targeted France:

    any(cf.intel.ip.target_countries[*] == "FR") and any(cf.intel.ip.datasets[*] == "ddos")

    These fields work with the Cloudflare API and Terraform. Matches are logged in Security Analytics.

    The threat intelligence detection is available to customers with an active Cloudforce One subscription. For more information, refer to Threat intelligence.

  1. This week's release introduces new managed protection to address a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) and a new generic rule designed to identify and block sophisticated SQL Injection (SQLi) bypass attempts leveraging obfuscated boolean logic. These rules protect affected installations from unauthorized data exfiltration at the network edge.

    Key Findings

    • CVE-2026-26980: A blind SQL injection vulnerability in the Ghost CMS Content API (versions 3.24.0 to 6.19.0) allows unauthenticated remote attackers to inject malicious SQL commands via query parameters due to improper input validation.
    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/AGhost CMS - SQLi - CVE:CVE-2026-26980LogBlock

    This is a new detection.

    Cloudflare Managed Ruleset N/ASQLi - Obfuscated Boolean - URILogDisabled

    This is a new detection.

  1. TL;DR: Brand Protection now features an Automated Cease & Desist (C&D) workflow. When you discover an infringing domain hosted outside of Cloudflare, you can instantly generate, review, and download a custom-branded, pre-filled legal notice in seconds.

    Why this matters

    This update introduces a major shift from pure detection to actionable enforcement, eliminating the manual burden for your Trust & Safety and Legal teams:

    • Instant WHOIS and Recipient Lookup: We automatically scrape registrar data and WHOIS contact information (such as the registrant or registrar abuse email) behind the scenes, highlighting exactly where your notice needs to be sent
    • Smart Template Automation: We pre-fill your custom-branded templates with essential metadata, including the infringing domain, registrar name, and discovery date.
    • Tailored Enforcement Tones: Choose from three default layout strategies depending on the severity of the infrastructure match:
      • Exact Match: A formal demand for identical trademark infringements
      • Similar Match: A standard notice optimized for typosquatting (one-character distance matches)
      • Friendly Tone: An amicable initial outreach for potential unintentional or accidental infringements
    • Full Editing Control: Before creating the final PDF, a real-time review screen allows you to fine-tune the messaging, modify placeholders, and ensure your text aligns perfectly with internal legal standards

    How it works

    When reviewing a malicious domain match inside your dashboard, your enforcement path splits depending on where the attacker is located:

    1. On the Cloudflare Network: If the domain uses Cloudflare’s network or registrar, trigger our existing integrated abuse reporting flow with one click.
    2. Hosted Elsewhere: If the domain is hosted on an external provider, click the Generate C&D Letter option to launch the new document builder, pick your template, verify the auto-populated recipient data, and download your finalized PDF.

    You can manage your templates and enforce matches by going to the Cloudflare Dashboard > Application Security > Brand Protection and selecting your detected Brand Protection matches. For more information, read the Brand Protection documentation.

    Note: Cloudflare does not represent you and cannot provide you with legal advice. Only you can decide whether your rights have been infringed, whether a cease and desist letter is appropriate, and what that letter should say.

  1. This release introduces new detections for a critical SQL injection vulnerability in Drupal installations utilizing PostgreSQL (CVE-2026-9082), alongside targeted protection for an unsafe deserialization flaw in the Mirasvit Cache Warmer extension (CVE-2026-45247). Additionally, this release includes coverage for a prototype pollution vector in Axios (CVE-2026-40175) and a new generic rule designed to identify and block sophisticated SQL Injection (SQLi) bypass attempts leveraging obfuscated boolean logic.

    Key Findings

    • CVE-2026-9082: A database abstraction vulnerability affects Drupal sites configured with a PostgreSQL backend. Remote, unauthenticated attackers can exploit this flaw via crafted inputs to inject malicious SQL commands and access or manipulate backend data.

    • CVE-2026-45247: A PHP Object Injection vulnerability exists in the Mirasvit Cache Warmer extension for Magento and Adobe Commerce. This flaw stems from unsafe deserialization of untrusted user input, enabling unauthenticated attackers to execute arbitrary code on the hosting server.

    • CVE-2026-40175: A prototype pollution vulnerability affects the Axios HTTP client library. Attackers can exploit this to inject malicious properties into the global JavaScript object prototype, potentially causing application crashes (Denial of Service) or executing unauthorized code depending on the application structure.

    Impact

    Successful exploitation of these vulnerabilities could allow unauthenticated attackers to execute arbitrary code, manipulate database contents, or induce application crashes, leading to severe operational disruption or complete server compromise. These newly deployed signatures intercept these advanced malicious payloads at the edge before they can interact with vulnerable software configurations.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/AAxios - Prototype Pollution - CVE:CVE-2026-40175LogBlock

    This is a new detection.

    Cloudflare Managed Ruleset N/ADrupal - PostgreSQL SQLi - CVE:CVE-2026-9082 - BodyLogBlock

    This is a new detection.

    Cloudflare Managed Ruleset N/ADrupal - PostgreSQL SQLi - CVE:CVE-2026-9082 - URILogBlock

    This is a new detection.

    Cloudflare Managed Ruleset N/ASQLi - Obfuscated Boolean - BodyN/ADisabled

    This is a new detection.

    Cloudflare Managed Ruleset N/ASQLi - Obfuscated Boolean - HeadersN/ADisabled

    This is a new detection.

    Cloudflare Managed Ruleset N/AMirasvit Cache Warmer - PHP Object Injection - CVE:CVE-2026-45247N/ABlock

    This is a new detection.

  1. Cloudforce One users can now turn Threat Events indicators into active defense. With this update, users can instantly generate a WAF rule that matches the dynamic list of IP addresses returned by any of their Saved Views.

    Why this matters

    Threat intelligence is most effective when it is immediately actionable. Previously, blocking threat actors required manually extracting indicators from threat events and copying them into your firewall rules. This new integration bridges the gap between threat discovery and threat mitigation:

    • When you identify an active threat pattern - such as an ongoing campaign targeting a specific industry, or using a known indicator type - you can pivot from investigation to mitigation in a single click.
    • Instead of writing complex, static IP rules, this functionality allows you to leverage the specific filtering logic you have already defined and saved within your Threat Events ecosystem.
    • Automating the generation of the WAF rule expression from your threat views eliminates manual copying errors, ensuring that the right malicious infrastructure is blocked instantly.

    How to use it

    You can implement these rules through both the dashboard UI and via the API / Terraform.

    Go to Cloudflare Dashboard > Application Security > Threat Intelligence > Manage Views, select your desired view, and select Create WAF Rule.

    This will automatically pre-populate the WAF rule builder with the matching threat event IP indicators.

    You can also automate this workflow by utilizing the WAF Rule Builder API alongside your Threat Events saved views endpoints.

  1. TL;DR: We’ve launched Threat Actor Profiles directly inside the Threat Events dashboard. You can now immediately pivot from a generic alert or blocked event to a profile that unmasks the "Who, Why, and How" behind a threat event.

    Why this matters

    Security teams often suffer from a visibility gap. When an attack is blocked, it's difficult to know if it was a random automated bot or a sophisticated advanced persistent threat (APT) campaign specifically targeting your industry. Finding out usually means leaving your security dashboard to hunt through external OSINT feeds or static, out-of-date threat reports. Threat Actor Profiles solve this by sharing Cloudforce One’s deep adversary research directly inside your workflow:

    • Cloudflare sees the traffic in real-time across approximately 20% of the web. This means actor profiles display active malicious infrastructure the moment it touches our global edge.
    • Every profile provides clear strategic and tactical modules including alternative aliases, origin tracking, historical threat event volume, and MITRE ATT&CK mapping detailing the adversary's technical methods.
    • You can search the dedicated threat actor directory or click an actor's name inside any threat event to view all details and related events to the specific threat actor.

    How to use it

    Adversary tracking is now available in the Cloudflare Dashbboard and ready to be included in your daily investigation workflow:

    • Click on the Threat Actor name in the Threat Events table to open their full identity profile and review their aliases and attack stats.
    • Navigate to Cloudflare Dashboard > Application Security > Threat Intelligence to explore the new Threat Actors tab. Here, you can browse a card-based directory of all established entities tracked by Cloudforce One.

    Learn more in the Cloudforce One documentation.

  1. Security Insights scans now run more often. Cloudflare scans Free accounts every 7 days, Pro and Business accounts every 3 days, and Enterprise accounts daily.

    In addition, all accounts and zones now receive scans by default. You no longer need to enable scans before Cloudflare checks your account for misconfigurations, vulnerabilities, and other security risks.

    Granular on-demand scans are now available on any plan. You can trigger an on-demand scan for any zone, insight, insight type from the Cloudflare dashboard in order to quickly re-check your security posture after remediating an issue.

    To learn more, refer to the Security Insights documentation.

  1. Starting with cloudflared version 2026.5.2, Cloudflare Tunnel automates the entire connectivity pre-checks workflow directly inside the binary. Previously, customers had to install dig and netcat and run those commands by hand to verify their environment. Now cloudflared does it natively at startup — and surfaces actionable remediation when something is blocked.

    cloudflared connectivity pre-checks output

    On every cloudflared tunnel run (and cloudflared tunnel diag), the binary now natively checks:

    • DNS resolutionregion1.v2.argotunnel.com and region2.v2.argotunnel.com resolve to valid Cloudflare IPs.
    • Transport connectivity — outbound UDP (QUIC) and TCP (HTTP/2) on port 7844.
    • Management API — outbound TCP/443 to api.cloudflare.com for software updates.

    Results are printed in a scannable CLI table with three states:

    • Pass — the check succeeded.
    • ⚠️ Warn — a non-blocking issue, for example the Management API is unreachable so automatic updates will not work, but the tunnel will still come up.
    • Fail — a blocking issue, with a specific remediation hint (for example, Allow outbound UDP on port 7844).

    If DNS is unresolvable, or both UDP and TCP fail on port 7844, cloudflared exits early with the failure rather than looping on opaque failed to dial errors.

    Pre-checks now run automatically on every start, which also catches regressions like overnight firewall policy changes — no need to remember to rerun the troubleshooting guide.

    To get the new behavior, upgrade cloudflared to version 2026.5.2 or later. For more details, refer to the Connectivity pre-checks documentation.

  1. You can now scope Cloudflare permissions to individual Cloudflare Tunnel instances and Cloudflare Mesh nodes. Administrators can delegate access to specific Tunnels or Mesh nodes without granting account-wide control over private networking.

    What is new

    When you add a member or create a permission policy, the resource picker now lists Cloudflare Tunnel instances and Cloudflare Mesh nodes as scopable resource types. You can:

    • Grant a read-only role on a single Cloudflare Tunnel instance to a support operator for log streaming and diagnostics — without exposing other Tunnels or destructive actions.
    • Grant a write role on a specific Cloudflare Mesh node to an application team — without giving them access to the rest of your private network.
    • Scope a single policy to one or many Tunnels and Mesh nodes at once.

    How it works

    Granular permissions are a parallel layer to existing account-level roles — they do not replace them.

    • Existing account-level roles continue to work. A member with Cloudflare Access or Cloudflare Zero Trust retains write access to every Tunnel and Mesh node in the account. This ensures backward compatibility for existing automation and tokens.
    • Granular permissions are additive. For any API request on a specific Tunnel or Mesh node, access is granted if the principal has either the account-level role or a granular permission for that resource.
    • Resource enumeration is authorization-aware. Listing endpoints (GET /accounts/{id}/cfd_tunnel, GET /accounts/{id}/warp_connector) return only the resources the principal has at least read access to.

    Get started

  1. Key Findings

    • Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

    Continuous Rule Improvements

    We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/ASitecore - Cache Poisoning - CVE:CVE-2025-53693 BetaN/ABlock

    This rule is merged into the original rule "Sitecore - Cache Poisoning - CVE:CVE-2025-53693" (ID: ).

  1. This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewrite module's is_args stale-state bug (CVE-2026-42945).

    Key Findings

    CVE-2026-42945: nginx Heap Buffer Overflow via Stale is_args in Rewrite Module

    Successful exploitation allows remote attackers to trigger a heap buffer overflow in nginx's rewrite module by sending crafted URIs containing escapable characters. A length/copy pass mismatch in ngx_http_script_copy_capture_code() causes the copy pass to write escaped data into an undersized buffer, leading to heap corruption. This enables denial of service (worker process crash) and, with heap feng shui techniques, potential remote code execution.

    We strongly recommend upgrading to nginx 1.30.1 (or later) immediately to address the underlying vulnerability. If you cannot upgrade immediately, avoid rewrite directives with ? in the replacement string followed by set or if referencing capture groups.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/Anginx - Remote Code Execution - Buffer Overread - CVE:CVE-2026-42945N/ABlock

    This is a new detection.

    Cloudflare Managed Ruleset N/Anginx - Remote Code Execution - Heap Spray - CVE:CVE-2026-42945N/ABlock

    This is a new detection.

  1. We’ve added a new Agent Readiness tab to URL Scanner reports accessible via the Cloudflare dashboard. This feature evaluates your site against emerging AI standards and provides six specialized scores to help you optimize for the next generation of AI agents and automated discovery.

    The Internet is shifting from a human-read web to a machine-read web. AI agents now browse, interact with, and even perform transactions on websites. If a site isn't "agent-ready," these bots may consume excessive bandwidth, fail to find critical information, or be unable to navigate your services efficiently.

    This update provides material value by breaking down readiness into six actionable categories:

    • Basic Web Presence
    • Discoverability
    • Content Accessibility
    • Bot Access Control
    • Protocol Discovery
    • Commerce

    Accessing the report

    You can view these scores for any scanned URL directly in the dashboard or via our API.

    • Dashboard: Go to Protect & Connect > Application Security > Investigate. After running a scan, select the Agent Readiness tab in the report.
    • API: Use the URL Scanner API to programmatically retrieve these scores for your infrastructure.

    To learn more about the methodology behind these scores, refer to the blogpost.

  1. Key Findings

    • Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.

    Continuous Rule Improvements

    We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/ARemote Code Execution - Java Deserialization - Body - BetaBlockDisabled

    This is a new detection. This rule is merged into the original rule "Remote Code Execution - Java Deserialization" (ID: ).

  1. Multiple security vulnerabilities were disclosed by the React team and Vercel affecting React Server Components and Next.js. These include denial of service, middleware and proxy bypass, server-side request forgery, cross-site scripting, and cache poisoning issues across a range of severity levels.

    We strongly recommend updating your application and its dependencies immediately. Patched versions are available for React (react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack 19.0.6, 19.1.7, and 19.2.6) and Next.js (15.5.16 and 16.2.5).

    WAF protections

    Cloudflare WAF rules deployed in response to prior React Server Component CVEs (CVE-2025-55184 and CVE-2026-23864) already provide coverage for the newly disclosed denial-of-service vulnerabilities. These rules are enabled by default with a Block action for all customers using the Cloudflare Managed Ruleset, including Free plan customers using the Free Managed Ruleset.

    RulesetRule descriptionRule IDDefault action
    Cloudflare Managed RulesetReact - DoS - CVE-2025-551842694f1610c0b471393b21aef102ec699Block
    Cloudflare Managed RulesetReact - DoS - CVE-2026-23864aaede80b4d414dc89c443cea61680354Block

    The existing rules detect the underlying attack patterns generically. As a result, they apply to the new CVE-2026-23870 denial-of-service vulnerability in Server Components and the corresponding Next.js advisory GHSA-8h8q-6873-q5fj.

    Cloudflare is investigating whether WAF rules can be safely and effectively deployed for three of the high-severity advisories: CVE-2026-23870 / GHSA-8h8q-6873-q5fj, GHSA-267c-6grr-h53f, and GHSA-mg66-mrh9-m8jx. If it is possible to create a managed WAF rule that mitigates these CVEs and does not potentially break application behavior, Cloudflare will add additional managed WAF rules. These rules will be announced through the WAF changelog. Because these vulnerabilities were shared with Cloudflare with minimal advance notice, we are still investigating what WAF mitigations are possible.

    Several of the disclosed vulnerabilities are not possible to block in WAF. We strongly recommend updating your applications so they are not purely reliant on WAF mitigations.

    Customers on Pro, Business, or Enterprise plans should ensure that Managed Rules are enabled.

    Next.js adapters

    Vinext: Vinext is a Vite plugin that reimplements the Next.js API surface. Vinext's latest release is not vulnerable to any of the disclosed CVEs. Vinext's architecture differs from stock Next.js in ways that sidestep the affected code paths. For example, it does not implement the PPR resume protocol, does not expose Pages Router data-route endpoints, and strips internal headers such as x-nextjs-data at request boundaries. As an extra layer of defense, we added a React 19.2.6 or later requirement when running vinext init (PR #1118, PR #1112) to prevent accidentally running a vulnerable version of React with Vinext.

    OpenNext on Cloudflare: OpenNext is an adapter that lets you deploy Next.js apps to the Cloudflare Workers platform. OpenNext itself is not directly vulnerable to the React denial-of-service CVE, but users must update the Next.js version in their application. The OpenNext team has updated the adapter to further harden against these vectors and released a new version of the Cloudflare adapter. Test fixtures and examples have been updated to use patched versions (PR #1255).

    Summary of disclosed vulnerabilities

    AdvisorySeverityIssueWAF status
    CVE-2026-23870 / GHSA-8h8q-6873-q5fjHighDenial of service in Server ComponentsWAF rules in place: 2694f1610c0b471393b21aef102ec699, aaede80b4d414dc89c443cea61680354
    Cloudflare is investigating additional managed WAF coverage
    GHSA-267c-6grr-h53fHighMiddleware bypass via segment-prefetch routesCloudflare is investigating if this can be safely and effectively mitigated by a managed WAF rule
    GHSA-mg66-mrh9-m8jxHighDenial of service via connection exhaustion in Cache ComponentsCloudflare is investigating if this can be safely and effectively mitigated by a managed WAF rule
    GHSA-492v-c6pp-mqqvHighMiddleware bypass via dynamic route parameter injectionNot possible to safely enable a managed WAF rule without potentially breaking application behavior
    GHSA-c4j6-fc7j-m34rHighSSRF via WebSocket upgradesNot possible to safely enable a managed WAF rule without potentially breaking application behavior
    GHSA-36qx-fr4f-26g5HighMiddleware bypass in Pages Router i18nCustom WAF rule possible; global managed rule could potentially break application behavior
    GHSA-ffhc-5mcf-pf4qModerateXSS via CSP noncesCustom WAF rule possible; global managed rule could potentially break application behavior
    GHSA-gx5p-jg67-6x7hModerateXSS in beforeInteractive scriptsNot possible to safely enable a managed WAF rule without potentially breaking application behavior
    GHSA-h64f-5h5j-jqjhModerateDenial of service in Image Optimization APICustom WAF rule possible; global managed rule could potentially break application behavior
    GHSA-wfc6-r584-vfw7ModerateCache poisoning in RSC responsesCustom WAF rule possible; global managed rule could potentially break application behavior
    GHSA-vfv6-92ff-j949LowCache poisoning via RSC cache-busting collisionsNot possible to safely enable a managed WAF rule without potentially breaking application behavior
    GHSA-3g8h-86w9-wvmqLowMiddleware redirect cache poisoningCustom WAF rule possible; global managed rule could potentially break application behavior
  1. You can now export your Requests for Information (RFI) history to a CSV document and customize your dashboard view by choosing how many RFI records to load per page.

    Why this matters

    These quality-of-life updates focus on data portability and dashboard performance, allowing power users to manage high volumes of requests more efficiently:

    • The new CSV export allows you to move RFI data into external tools for custom reporting, internal auditing, or cross-referencing with other security projects without manual data entry
    • With adjustable page density, you can now choose to load more records at once (10, 25 or 50) to scan through history faster

    Cloudforce One subscribers can find these new options in Cloudflare Dashboard > Application Security > Threat Intelligence > Requests for Information.

  1. This emergency release introduces a new rule to detect Next.js App Router middleware and proxy bypass attempts via segment-prefetch routes (CVE-2026-44575).

    Key Findings

    CVE-2026-44575: Next.js Middleware / Proxy Bypass in App Router Applications via Segment-Prefetch Routes

    Successful exploitation allows unauthenticated attackers to bypass middleware or proxy-based authorization checks in affected Next.js App Router applications. This leads to unauthorized access to protected content, potential exposure of sensitive application data, and compromise of application security boundaries.

    We strongly recommend upgrading to Next.js 15.5.16 or 16.2.5 (or later) immediately to address the underlying vulnerability. If you cannot upgrade immediately, enforce authorization in the underlying route or page logic instead of relying solely on middleware.

    RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
    Cloudflare Managed Ruleset N/ANext.js - Middleware Bypass via Invalid RSC Header - CVE:CVE-2026-44575N/ADisabled

    This is a new detection.

  1. The Cloudforce One Threat Events API now supports TAXII as an output format, enabling standardized, automated sharing of cyber threat intelligence with your existing security stack.

    Why this matters

    • You can now ingest Cloudforce One threat data directly into your SIEM, TIP or SOAR tools that prefer TAXII-formatted streams without needing custom translation scripts.
    • By supporting the TAXII format parameter in our API, security teams can automate the synchronization of indicator data, reducing the manual overhead of updating blocklists and detection rules.
    • This alignment with industry standards ensures that your threat data remains consistent across different security ecosystems and partner integrations.

    How to use it

    When calling the Threat Events API, you can now specify taxii in the format query parameter:

    GET /accounts/{account_id}/cloudforce_one/threat_events?format=taxii

    You can find the updated documentation in the Cloudflare API Reference.