Cloudflare Release Notes

All Cloudflare Release Notes (376)

• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 20, 2026
  

  Developer Platform by Cloudflare

  Containers - Docker-in-Docker support added to Containers and Sandboxes

  Sandboxes and Containers now support running Docker for "Docker-in-Docker" setups. This is particularly useful when your end users or agents want to run a full sandboxed development environment.

  This allows you to:

  • Develop containerized applications with your Sandbox
  • Run isolated test environments for images
  • Build container images as part of CI/CD workflows
  • Deploy arbitrary images supplied at runtime within a container

  For Sandbox SDK users, see the Docker-in-Docker guide for instructions on combining Docker with the SandboxSDK. For general Containers usage, see the Containers FAQ.

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 19, 2026
  

  Cloudflare One by Cloudflare

  Access - Streamlined clientless access for private applications

  New Allow clientless access setting streamlines private self-hosted app access without a device client. It replaces the old bookmark workaround by enabling a prefixed URL tile in the App Launcher, shown to users who pass policy. Remote browser permissions required.

  Allow clientless access

  A new Allow clientless access setting makes it easier to enable access to private self-hosted applications without a device client.

  Previously, to provide clientless access to a private hostname or IP, you had to create a separate bookmark application pointing to a prefixed Clientless Web Isolation URL (for example, https://<your-teamname>.cloudflareaccess.com/browser/https://10.0.0.1/). This bookmark was visible to all users in the App Launcher, regardless of whether they had access to the underlying application.

  Now, you can manage clientless access directly within your private self-hosted application. When Allow clientless access is turned on, users who pass your Access application policies will see a tile in their App Launcher pointing to the prefixed URL. Users must have remote browser permissions to open the link.

  Original source Report a problem

  Show more
• All of your release notes in one feed

  Join Releasebot and get updates from Cloudflare and hundreds of other software products.

  Create account

  Subscribe with: RSS Email API Slack n8n Zapier
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 19, 2026
  

  Cloudflare One by Cloudflare

  Access - Policies for bookmark applications

  You can now assign Access policies to bookmark apps, tailoring the App Launcher so users only see permitted bookmarks. Policies can restrict visibility by identity, device posture, and group membership, helping protect sensitive resources. If no policy is set, bookmarks remain visible to all users for backwards compatibility.

  You can now assign Access policies to bookmark applications.

  This lets you control which users see a bookmark in the App Launcher based on identity, device posture, and other policy rules.

  Previously, bookmark applications were visible to all users in your organization. With policy support, you can now:

  • Tailor the App Launcher to each user — Users only see the applications they have access to, reducing clutter and preventing accidental clicks on irrelevant resources.
  • Restrict visibility of sensitive bookmarks — Limit who can view bookmarks to internal tools or partner resources based on group membership, identity provider, or device posture.
  • Bookmarks support all Access policy configurations except purpose justification, temporary authentication, and application isolation. If no policy is assigned, the bookmark remains visible to all users (maintaining backwards compatibility).

  For more information, refer to Add bookmarks.

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 19, 2026
  

  Analytics by Cloudflare

  Cloudflare One Product Name Updates

  Cloudflare refreshes Networking branding to clearly map products to Zero Trust and SASE. Old names are retired in favor of descriptive labels while all functionality and billing remain unchanged.

  We are updating naming related to some of our Networking products to better clarify their place in the Zero Trust and Secure Access Service Edge (SASE) journey.
  We are retiring some older brand names in favor of names that describe exactly what the products do within your network. We are doing this to help customers build better, clearer mental models for comprehensive SASE architecture delivered on Cloudflare.

  What’s changing

  • Magic WAN -> Cloudflare WAN
  • Magic WAN IPsec -> Cloudflare IPsec
  • Magic WAN GRE -> Cloudflare GRE
  • Magic WAN Connector -> Cloudflare One Appliance
  • Magic Firewall -> Cloudflare Network Firewall
  • Magic Network Monitoring -> Network Flow
  • Magic Cloud Networking -> Cloudflare One Multi-cloud Networking

  No action is required by you; all functionality, existing configurations, and billing will remain exactly the same.

  For more information, visit the
  Cloudflare One documentation.

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 18, 2026
  

  Cloudflare One by Cloudflare

  Cloudflare One, Cloudflare WAN, Cloudflare Network Firewall, Network Flow - Cloudflare One Product Name Updates

  Cloudflare renames networking products to reflect the Zero Trust and SASE journey, retiring old brands for clearer mappings. Magic WAN becomes Cloudflare WAN, IPsec to Cloudflare IPsec, GRE to Cloudflare GRE, Connector to Cloudflare One, Firewall to Cloudflare Network Firewall, and Monitoring to Network Flow. No action is required.

  We are updating naming related to some of our Networking products to better clarify their place in the Zero Trust and Secure Access Service Edge (SASE) journey.
  We are retiring some older brand names in favor of names that describe exactly what the products do within your network. We are doing this to help customers build better, clearer mental models for comprehensive SASE architecture delivered on Cloudflare.

  What's changing

  • Magic WAN → Cloudflare WAN
  • Magic WAN IPsec → Cloudflare IPsec
  • Magic WAN GRE → Cloudflare GRE
  • Magic WAN Connector → Cloudflare One Appliance
  • Magic Firewall → Cloudflare Network Firewall
  • Magic Network Monitoring → Network Flow

  No action is required by you — all functionality, existing configurations, and billing will remain exactly the same.

  For more information, visit the Cloudflare One documentation.

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 18, 2026
  

  Network Security by Cloudflare

  Cloudflare One, Cloudflare WAN, Cloudflare Network Firewall, Network Flow - Cloudflare One Product Name Updates

  Cloudflare renames networking products to align with SASE and Zero Trust, clarifying each tool’s role. Old names become Cloudflare branded equivalents, with no action needed and no changes to functionality or billing.

  We are updating naming related to some of our Networking products to better clarify their place in the Zero Trust and Secure Access Service Edge (SASE) journey.
  We are retiring some older brand names in favor of names that describe exactly what the products do within your network. We are doing this to help customers build better, clearer mental models for comprehensive SASE architecture delivered on Cloudflare.

  What's changing

  • Magic WAN → Cloudflare WAN
  • Magic WAN IPsec → Cloudflare IPsec
  • Magic WAN GRE → Cloudflare GRE
  • Magic WAN Connector → Cloudflare One Appliance
  • Magic Firewall → Cloudflare Network Firewall
  • Magic Network Monitoring → Network Flow

  No action is required by you — all functionality, existing configurations, and billing will remain exactly the same.

  For more information, visit the Cloudflare One documentation.

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 17, 2026
  • Modified by Releasebot:
    Feb 20, 2026
  

  Developer Platform by Cloudflare

  Agents, Workers - Agents SDK v0.5.0: Protocol message control, retry utilities, data parts, and @cloudflare/ai-chat v0.1.0

  The Agents SDK release adds built‑in retry utilities with per‑task and class defaults, plus per‑connection protocol message controls. It ships @cloudflare/ai-chat v0.1.0 with data parts, tool approval persistence, and incremental persistence along with notable fixes.

  Retry utilities

  A new this.retry() method lets you retry any async operation with exponential backoff and jitter. You can pass an optional shouldRetry predicate to bail early on non-retryable errors.

  JavaScript

  class MyAgent extends Agent {
    async onRequest(request) {
      const data = await this.retry(() => callUnreliableService(), {
        maxAttempts: 4,
        shouldRetry: (err) => !(err instanceof PermanentError),
      });
      return Response.json(data);
    }
  }
  

  TypeScript

  class MyAgent extends Agent {
    async onRequest(request: Request) {
      const data = await this.retry(() => callUnreliableService(), {
        maxAttempts: 4,
        shouldRetry: (err) => !(err instanceof PermanentError),
      });
      return Response.json(data);
    }
  }
  

  Retry options are also available per-task on queue(), schedule(), scheduleEvery(), and addMcpServer():

  JavaScript

  // Per-task retry configuration, persisted in SQLite alongside the task
  await this.schedule(
    Date.now() + 60_000,
    "sendReport",
    { userId: "abc" },
    {
      retry: { maxAttempts: 5 },
    },
  );
  // Class-level retry defaults
  class MyAgent extends Agent {
    static options = {
      retry: { maxAttempts: 3 },
    };
  }
  

  TypeScript

  // Per-task retry configuration, persisted in SQLite alongside the task
  await this.schedule(Date.now() + 60_000, "sendReport", { userId: "abc" }, {
    retry: { maxAttempts: 5 },
  });
  // Class-level retry defaults
  class MyAgent extends Agent {
    static options = {
      retry: { maxAttempts: 3 },
    };
  }
  

  Retry options are validated eagerly at enqueue/schedule time, and invalid values throw immediately. Internal retries have also been added for workflow operations (terminateWorkflow, pauseWorkflow, and others) with Durable Object-aware error detection.

  Per-connection protocol message control

  Agents automatically send JSON text frames (identity, state, MCP server lists) to every WebSocket connection. You can now suppress these per-connection for clients that cannot handle them — binary-only devices, MQTT clients, or lightweight embedded systems.

  JavaScript

  class MyAgent extends Agent {
    shouldSendProtocolMessages(connection, ctx) {
      // Suppress protocol messages for MQTT clients
      const subprotocol = ctx.request.headers.get("Sec-WebSocket-Protocol");
      return subprotocol !== "mqtt";
    }
  }
  

  TypeScript

  class MyAgent extends Agent {
    shouldSendProtocolMessages(connection: Connection, ctx: ConnectionContext) {
      // Suppress protocol messages for MQTT clients
      const subprotocol = ctx.request.headers.get("Sec-WebSocket-Protocol");
      return subprotocol !== "mqtt";
    }
  }
  

  Connections with protocol messages disabled still fully participate in RPC and regular messaging. Use isConnectionProtocolEnabled(connection) to check a connection's status at any time. The flag persists across Durable Object hibernation.
  See Protocol messages for full documentation.

  @cloudflare/ai-chat v0.1.0

  The first stable release of @cloudflare/ai-chat ships alongside this release with a major refactor of AIChatAgent internals — new ResumableStream class, WebSocket ChatTransport, and simplified SSE parsing — with zero breaking changes. Existing code using AIChatAgent and useAgentChat works as-is.

  Key new features:

  • Data parts — Attach typed JSON blobs (data-*) to messages alongside text. Supports reconciliation (type+id updates in-place), append, and transient parts (ephemeral via onData callback). See Data parts.
  • Tool approval persistence — The needsApproval approval UI now survives page refresh and DO hibernation. The streaming message is persisted to SQLite when a tool enters approval-requested state.
  • maxPersistedMessages — Cap SQLite message storage with automatic oldest-message deletion.
  • body option on useAgentChat — Send custom data with every request (static or dynamic).
  • Incremental persistence — Hash-based cache to skip redundant SQL writes.
  • Row size guard — Automatic two-pass compaction when messages approach the SQLite 2 MB limit.
  • autoContinueAfterToolResult defaults to true — Client-side tool results and tool approvals now automatically trigger a server continuation, matching server-executed tool behavior. Set autoContinueAfterToolResult: false in useAgentChat to restore the previous behavior.

  Notable bug fixes:

  • Resolved stream resumption race conditions
  • Resolved an issue where setMessages functional updater sent empty arrays
  • Resolved an issue where client tool schemas were lost after DO hibernation
  • Resolved InvalidPromptError after tool approval (approval.id was dropped)
  • Resolved an issue where message metadata was not propagated on broadcast/resume paths
  • Resolved an issue where clearAll() did not clear in-memory chunk buffers
  • Resolved an issue where reasoning-delta silently dropped data when reasoning-start was missed during stream resumption

  Synchronous queue and schedule getters

  • getQueue(), getQueues(), getSchedule(), dequeue(), dequeueAll(), and dequeueAllByCallback() were unnecessarily async despite only performing synchronous SQL operations. They now return values directly instead of wrapping them in Promises. This is backward compatible — existing code using await on these methods will continue to work.

  Other improvements

  • Fix TypeScript "excessively deep" error — A depth counter on CanSerialize and IsSerializableParam types bails out to true after 10 levels of recursion, preventing the "Type instantiation is excessively deep" error with deeply nested types like AI SDK CoreMessage[].
  • POST SSE keepalive — The POST SSE handler now sends event: ping every 30 seconds to keep the connection alive, matching the existing GET SSE handler behavior. This prevents POST response streams from being silently dropped by proxies during long-running tool calls.
  • Widened peer dependency ranges — Peer dependency ranges across packages have been widened to prevent cascading major bumps during 0.x minor releases. @cloudflare/ai-chat and @cloudflare/codemode are now marked as optional peer dependencies.

  Upgrade
  To update to the latest version:

  npm i agents@latest @cloudflare/ai-chat@latest
  

  Original source Report a problem

  Show more
• Feb 17, 2026

  • Date parsed from source:
    Feb 17, 2026
  • First seen by Releasebot:
    Feb 17, 2026
  

  Cloudflare AI by Cloudflare

  Agents SDK v0.5.0: Protocol message control, retry utilities, data parts, and @cloudflare/ai-chat v0.1.0

  Agents SDK adds built in retry utilities with exponential backoff and per task options, plus per connection protocol message control for WebSocket flows. The @cloudflare/ai-chat v0.1.0 brings data parts, tool approval persistence, and smarter persistence and messaging.

  The latest release

  The latest release of the Agents SDK adds built-in retry utilities, per-connection protocol message control, and a fully rewritten @cloudflare/ai-chat with data parts, tool approval persistence, and zero breaking changes.

  Retry utilities

  A new this.retry() method lets you retry any async operation with exponential backoff and jitter. You can pass an optional shouldRetry predicate to bail early on non-retryable errors.

  Retry options are also available per-task on queue(), schedule(), scheduleEvery(), and addMcpServer():

  Retry options are validated eagerly at enqueue/schedule time, and invalid values throw immediately. Internal retries have also been added for workflow operations (terminateWorkflow, pauseWorkflow, and others) with Durable Object-aware error detection.

  Per-connection protocol message control

  Agents automatically send JSON text frames (identity, state, MCP server lists) to every WebSocket connection. You can now suppress these per-connection for clients that cannot handle them — binary-only devices, MQTT clients, or lightweight embedded systems.

  Connections with protocol messages disabled still fully participate in RPC and regular messaging. Use isConnectionProtocolEnabled(connection) to check a connection's status at any time. The flag persists across Durable Object hibernation.

  See Protocol messages for full documentation.

  @cloudflare/ai-chat v0.1.0

  The first stable release of @cloudflare/ai-chat ships alongside this release with a major refactor of AIChatAgent internals — new ResumableStream class, WebSocket ChatTransport, and simplified SSE parsing — with zero breaking changes. Existing code using AIChatAgent and useAgentChat works as-is.

  Key new features:

  • Data parts — Attach typed JSON blobs (data-*) to messages alongside text. Supports reconciliation (type+id updates in-place), append, and transient parts (ephemeral via onData callback). See Data parts.
  • Tool approval persistence — The needsApproval approval UI now survives page refresh and DO hibernation. The streaming message is persisted to SQLite when a tool enters approval-requested state.
  • maxPersistedMessages — Cap SQLite message storage with automatic oldest-message deletion.
  • body option on useAgentChat — Send custom data with every request (static or dynamic).
  • Incremental persistence — Hash-based cache to skip redundant SQL writes.
  • Row size guard — Automatic two-pass compaction when messages approach the SQLite 2 MB limit.
  • autoContinueAfterToolResult defaults to true — Client-side tool results and tool approvals now automatically trigger a server continuation, matching server-executed tool behavior. Set autoContinueAfterToolResult: false in useAgentChat to restore the previous behavior.

  Notable bug fixes:

  • Resolved stream resumption race conditions
  • Resolved an issue where setMessages functional updater sent empty arrays
  • Resolved an issue where client tool schemas were lost after DO hibernation
  • Resolved InvalidPromptError after tool approval (approval.id was dropped)
  • Resolved an issue where message metadata was not propagated on broadcast/resume paths
  • Resolved an issue where clearAll() did not clear in-memory chunk buffers
  • Resolved an issue where reasoning-delta silently dropped data when reasoning-start was missed during stream resumption

  Synchronous queue and schedule getters

  getQueue(), getQueues(), getSchedule(), dequeue(), dequeueAll(), and dequeueAllByCallback() were unnecessarily async despite only performing synchronous SQL operations. They now return values directly instead of wrapping them in Promises. This is backward compatible — existing code using await on these methods will continue to work.

  Other improvements

  • Fix TypeScript "excessively deep" error — A depth counter on CanSerialize and IsSerializableParam types bails out to true after 10 levels of recursion, preventing the "Type instantiation is excessively deep" error with deeply nested types like AI SDK CoreMessage[].
  • POST SSE keepalive — The POST SSE handler now sends event: ping every 30 seconds to keep the connection alive, matching the existing GET SSE handler behavior. This prevents POST response streams from being silently dropped by proxies during long-running tool calls.
  • Widened peer dependency ranges — Peer dependency ranges across packages have been widened to prevent cascading major bumps during 0.x minor releases. @cloudflare/ai-chat and @cloudflare/codemode are now marked as optional peer dependencies.

  Upgrade

  To update to the latest version:

  npm i agents@latest @cloudflare/ai-chat@latest

  Original source Report a problem

  Show more
• Feb 16, 2026

  • Date parsed from source:
    Feb 16, 2026
  • First seen by Releasebot:
    Feb 18, 2026
  

  Application Security by Cloudflare

  WAF - WAF Release - 2026-02-16

  This release adds new detections for CVE-2025-68645 (Zimbra Webmail LFI) and CVE-2025-31125 (Vite development server file exposure). It ships Log Block rules under Cloudflare Managed Ruleset, signaling active protection for these vulnerabilities.

  This week’s release introduces new detections for CVE-2025-68645 and CVE-2025-31125.

  Key Findings

  CVE-2025-68645: A Local File Inclusion (LFI) vulnerability in the Webmail Classic UI of Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 allows unauthenticated remote attackers to craft requests to the /h/rest endpoint, improperly influence internal dispatching, and include arbitrary files from the WebRoot directory.

  CVE-2025-31125: Vite, the JavaScript frontend tooling framework, exposes content of non-allowed files via ?inline&import when its development server is network-exposed, enabling unauthorized attackers to read arbitrary files and potentially leak sensitive information.

  Ruleset

  Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 695d76ff756844d384cab548833761f7 Zimbra - Local File Inclusion - CVE:CVE-2025-68645 Log Block This is a new detection. Cloudflare Managed Ruleset 38fff9f3deba46a2abc10a8f950ed8c8 Vite - WASM Import Path Traversal - CVE:CVE-2025-31125 Log Block This is a new detection. Original source Report a problem

  Show more
• Feb 16, 2026

  • Date parsed from source:
    Feb 16, 2026
  • First seen by Releasebot:
    Feb 17, 2026
  

  Core Platform by Cloudflare

  Cloudflare Fundamentals - Content encoding support for Markdown for Agents and other improvements

  Cloudflare releases smarter Markdown for Agents with on‑the‑fly HTML to Markdown, boosts origin response limit to 2 MB, removes the content-length requirement, and adds support for content-encoded origins. Enable Markdown for Agents in AI Crawl Control to use it.

  This release adds the following improvements:

  • The origin response limit was raised from 1 MB to 2 MB (2,097,152 bytes).
  • We no longer require the origin to send the content-length header.
  • We now support content encoded responses from the origin.
  • If you haven’t enabled automatic Markdown conversion yet, visit the AI Crawl Control section of the Cloudflare dashboard and enable Markdown for Agents.
  • Refer to our developer documentation for more details.

  Original source Report a problem