Hacking news

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

on January 20, 2026

The Hacker News

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers. "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructure

More From Author

Hacking news

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

April 2, 2026

The Hacker News

Hacking news

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

April 2, 2026

The Hacker News

Hacking news

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

April 2, 2026

The Hacker News

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

More From Author

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

Why Secrets in JavaScript Bundles are Still Being Missed

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Leave a Reply Cancel reply