ChangeSpec  /  cloudflare

Cloudflare

crawled cloudflare.com Developer changelog

Cloud connectivity and security platform. CDN, Workers serverless runtime, R2 object storage, D1 database, and Zero Trust access control.

  • Zero Trust WARP client update required - CVE-2026-2141 critical

    A privilege escalation vulnerability (CVE-2026-2141, CVSS 9.3) in the WARP client for Windows versions below 2024.12.0 allows local code execution to escalate to SYSTEM privileges. Update all Windows WARP installations immediately. macOS and Linux are not affected.

    security crawled CVE-2026-2141 / CVSS 9.3 Immediate action required
  • Workers runtime V8 update - setTimeout now enforces 30s maximum high

    Workers updated the V8 runtime. setTimeout and setInterval now enforce a maximum delay of 30,000ms. Previously, delays longer than 30s were silently clamped but undocumented. Workers relying on delays over 30s must use Durable Object alarms.

    api_breaking crawled Action required
  • R2 storage egress pricing introduced for high-volume tiers medium

    Cloudflare R2 introduced egress pricing for accounts transferring more than 10TB per month at $0.015/GB above the threshold. Data below 10TB per month and egress to Cloudflare's own network remains free.

    pricing crawled
  • Workers Sites deprecated in favor of Cloudflare Pages medium

    Workers Sites, the original static site deployment mechanism, is deprecated. New projects should use Cloudflare Pages. Workers Sites will continue working for existing deployments until 2027-06-01.

    api_deprecation crawled sunset 2027-06-01
  • Workers Logs retention reduced from 7 days to 72 hours on free tier low

    Workers Logs retention on the free tier has been reduced from 7 days to 72 hours. Paid tier retention is unchanged at 7 days. The Workers Analytics API is unaffected.

    data_handling crawled