Cloudflare said an internal change made while responding to a newly disclosed React security flaw caused its own network to be unavailable for several minutes on Friday, but stressed the incident was not the result of an attack. Cloudflare, a US-based web infrastructure and security company that operates a global content delivery network (CDN) and Domain Name System (DNS) service, runs one of the world\u2019s largest networks, helping websites and apps load faster and stay online by protecting them from traffic surges and cyberattacks. In a post on X (formerly Twitter), Cloudflare Chief Technical Officer (CTO) Dane Knecht said the company was \u201caware of the issue impacting the availability of Cloudflare\u2019s network.\u201d He added: \u201cIt was not an attack; root cause was disabling some logging to help mitigate this week\u2019s React CVE (Common Vulnerabilities and Exposures),\u201d referring to a vulnerability in React\u2019s server-side components. Knecht said Cloudflare would \u201cshare full details in a blog post today\u201d, adding that \u201csites should be back online now,\u201d while acknowledging \u201cthe frustration this causes and the work being\u201d done by customers. The post was published at 2:20pm on Friday, December 5, 2025. An incident report on Cloudflare\u2019s status page later marked the issue as resolved. \u201cA change made to how Cloudflare\u2019s WAF [Web Application Firewall] parses requests caused Cloudflare\u2019s network to be unavailable for several minutes this morning,\u201d the report said. \u201cThis was not an attack; the change was deployed by our team to help mitigate the industry-wide vulnerability disclosed this week in React Server Components. We will share more information as we have it today.\u201d According to the status page, Cloudflare first reported problems at 08:56 UTC, saying it was \u201cinvestigating issues with Cloudflare Dashboard and related APIs [Application Programming Interface]\u201d and warning that \u201ccustomers using the Dashboard \/ Cloudflare APIs are impacted as requests might fail and\/or errors may be displayed.\u201d At 09:09 UTC, the company said it was \u201ccontinuing to investigate this issue.\u201d By 09:12 UTC, it posted a \u201cMonitoring\u201d update stating that \u201ca fix has been implemented and we are monitoring the results.\u201d A further update at 09:19 UTC said Cloudflare was \u201ccontinuing to monitor the results,\u201d and at 09:20 UTC the incident was declared resolved. The disruption comes a few weeks after a separate outage in November, when an automatically generated configuration file grew too large and crashed the software handling traffic for several Cloudflare services. That incident, which began around 6:30am Eastern Time (ET), briefly prevented thousands of users from accessing major platforms including X, ChatGPT, Canva and Grindr. Cloudflare said then there was \u201cno evidence that this was the result of an attack or caused by malicious activity\u201d and that it had deployed a fix while working to restore service globally. Cloudflare says it is monitoring the results of Friday\u2019s fix and has promised a fuller technical explanation in a blog post.<\/p>\n","protected":false},"excerpt":{"rendered":"
Cloudflare said an internal change made while responding to a newly disclosed React security flaw caused its own network to be unavailable for several minutes…<\/p>\n","protected":false},"author":1,"featured_media":29290,"comment_status":"registered_only","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[14],"tags":[],"class_list":["post-29289","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"aioseo_notices":[],"jetpack_publicize_connections":[],"_links":{"self":[{"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/posts\/29289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=29289"}],"version-history":[{"count":0,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/posts\/29289\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=\/wp\/v2\/media\/29290"}],"wp:attachment":[{"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=29289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=29289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.diplomacypakistan.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=29289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}