Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-3125

Summary
Assigner-cloudflare
Assigner Org ID-a22f1246-ba21-4bb4-a601-ad51614c1513
Published At-04 Mar, 2026 | 18:14
Updated At-04 Mar, 2026 | 18:58
Rejected At-
Credits

SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs. For example: https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services. Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests. Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible. This could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cloudflare
Assigner Org ID:a22f1246-ba21-4bb4-a601-ad51614c1513
Published At:04 Mar, 2026 | 18:14
Updated At:04 Mar, 2026 | 18:58
Rejected At:
▼CVE Numbering Authority (CNA)
SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs. For example: https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services. Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests. Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible. This could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.

Affected Products
Vendor
opennextjs
Product
@opennextjs/cloudflare
Collection URL
https://www.npmjs.com/package/@opennextjs/cloudflare
Package Name
@opennextjs/cloudflare
Repo
https://github.com/opennextjs/opennextjs-cloudflare
Modules
  • packages/cloudflare/src/cli/templates/worker.ts
Platforms
  • Cloudflare Workers
Default Status
unaffected
Versions
Affected
  • From 0 before 1.17.1 (npm)
Problem Types
TypeCWE IDDescription
CWECWE-918CWE-918 Server-Side Request Forgery (SSRF)
CWECWE-706CWE-706 Use of Incorrectly-Resolved Name or Reference
Type: CWE
CWE ID: CWE-918
Description: CWE-918 Server-Side Request Forgery (SSRF)
Type: CWE
CWE ID: CWE-706
Description: CWE-706 Use of Incorrectly-Resolved Name or Reference
Metrics
VersionBase scoreBase severityVector
4.07.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-664CAPEC-664 Server Side Request Forgery
CAPEC-267CAPEC-267 Leverage Alternate Encoding
CAPEC ID: CAPEC-664
Description: CAPEC-664 Server Side Request Forgery
CAPEC ID: CAPEC-267
Description: CAPEC-267 Leverage Alternate Encoding
Solutions

Server-side updates to Cloudflare's Workers platform to block backslash path normalization bypasses for /cdn-cgi requests. The update automatically mitigates the issue for all existing and any future sites deployed to Cloudflare Workers.

In addition to the platform level fix, root cause fix https://github.com/opennextjs/opennextjs-cloudflare/pull/1147 has been implemented to the Cloudflare adapter for Open Next. The patched version of the adapter is found at @opennextjs/cloudflare@1.17.1 ( https://www.npmjs.com/package/@opennextjs/cloudflare https://www.npmjs.com/package/@opennextjs/cloudflare )

Dependency update https://github.com/opennextjs/opennextjs-cloudflare/pull/1150 to the Next.js template used with create-cloudflare (c3) to use the fixed version of the Cloudflare adapter for Open Next.

Configurations
Workarounds
Exploits
Credits
finder
https://x.com/ez_z3r
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/opennextjs/opennextjs-cloudflare/pull/1147
patch
https://www.npmjs.com/package/@opennextjs/cloudflare/v/1.17.1
product
https://github.com/advisories/GHSA-rvpw-p7vw-wj3m
related
https://www.cve.org/cverecord?id=CVE-2025-6087
related
Hyperlink: https://github.com/opennextjs/opennextjs-cloudflare/pull/1147
Resource:
patch
Hyperlink: https://www.npmjs.com/package/@opennextjs/cloudflare/v/1.17.1
Resource:
product
Hyperlink: https://github.com/advisories/GHSA-rvpw-p7vw-wj3m
Resource:
related
Hyperlink: https://www.cve.org/cverecord?id=CVE-2025-6087
Resource:
related
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@cloudflare.com
Published At:04 Mar, 2026 | 19:16
Updated At:04 Mar, 2026 | 19:16

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs. For example: https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services. Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests. Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible. This could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-706Secondarycna@cloudflare.com
CWE-918Secondarycna@cloudflare.com
CWE ID: CWE-706
Type: Secondary
Source: cna@cloudflare.com
CWE ID: CWE-918
Type: Secondary
Source: cna@cloudflare.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/advisories/GHSA-rvpw-p7vw-wj3mcna@cloudflare.com
N/A
https://github.com/opennextjs/opennextjs-cloudflare/pull/1147cna@cloudflare.com
N/A
https://www.cve.org/cverecord?id=CVE-2025-6087cna@cloudflare.com
N/A
https://www.npmjs.com/package/@opennextjs/cloudflare/v/1.17.1cna@cloudflare.com
N/A
Hyperlink: https://github.com/advisories/GHSA-rvpw-p7vw-wj3m
Source: cna@cloudflare.com
Resource: N/A
Hyperlink: https://github.com/opennextjs/opennextjs-cloudflare/pull/1147
Source: cna@cloudflare.com
Resource: N/A
Hyperlink: https://www.cve.org/cverecord?id=CVE-2025-6087
Source: cna@cloudflare.com
Resource: N/A
Hyperlink: https://www.npmjs.com/package/@opennextjs/cloudflare/v/1.17.1
Source: cna@cloudflare.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1Records found
CVE-2025-6087
Matching Score-6
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-6
Assigner-Cloudflare, Inc.
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.37%
||
7 Day CHG-0.00%
Published-16 Jun, 2025 | 18:30
Updated-06 Aug, 2025 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF vulnerability in opennextjs-cloudflare via /_next/image endpoint

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package. The vulnerability stems from an unimplemented feature in the Cloudflare adapter for Open Next, which allowed unauthenticated users to proxy arbitrary remote content via the /_next/image endpoint. This issue allowed attackers to load remote resources from arbitrary hosts under the victim site’s domain for any site deployed using the Cloudflare adapter for Open Next.  For example: https://victim-site.com/_next/image?url=https://attacker.com In this example, attacker-controlled content from attacker.com is served through the victim site’s domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services. Impact: * SSRF via unrestricted remote URL loading * Arbitrary remote content loading * Potential internal service exposure or phishing risks through domain abuse Mitigation: The following mitigations have been put in place: * Server side updates to Cloudflare’s platform to restrict the content loaded via the /_next/image endpoint to images. The update automatically mitigates the issue for all existing and any future sites deployed to Cloudflare using the affected version of the Cloudflare adapter for Open Next * Root cause fix https://github.com/opennextjs/opennextjs-cloudflare/pull/727  to the Cloudflare adapter for Open Next. The patched version of the adapter is found here  @opennextjs/cloudflare@1.3.0 https://www.npmjs.com/package/@opennextjs/cloudflare/v/1.3.0 * Package dependency update https://github.com/cloudflare/workers-sdk/pull/9608  to create-cloudflare (c3) to use the fixed version of the Cloudflare adapter for Open Next. The patched version of create-cloudflare is found here:  create-cloudflare@2.49.3 https://www.npmjs.com/package/create-cloudflare/v/2.49.3 In addition to the automatic mitigation deployed on Cloudflare’s platform, we encourage affected users to upgrade to @opennext/cloudflare v1.3.0 and use the remotePatterns https://nextjs.org/docs/pages/api-reference/components/image#remotepatterns filter in Next config https://nextjs.org/docs/pages/api-reference/components/image#remotepatterns if they need to allow-list external urls with images assets.

Action-Not Available
Vendor-opennextjsCloudflare, Inc.
Product-opennext_for_cloudflarecreate-cloudflare
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
Details not found