Cloudflare Developers @CloudflareDev

Multiple security vulnerabilities affecting React Server Components and Next.js have been disclosed. We strongly recommend updating your applications immediately.

Cloudflare WAF managed rules already mitigate the disclosed denial-of-service vulnerabilities, and we are investigating additional coverage for several other CVEs.

May 7, 2026 View on X →

https://x.com/CloudflareDev/status/2052467567588196703