Cloudflare service disruption causes widespread 500 Internal Server Errors
Summary
Cloudflare experienced a service disruption on December 5, 2025, leading to widespread 500 Internal Server Errors across websites relying on its infrastructure. The issue affected users attempting to access various sites, displaying server-side errors instead of the expected content. The disruption highlights the critical role of Cloudflare in maintaining the availability and security of numerous online services.
Timeline
- 05.12.2025 11:01
Cloudflare service disruption causes widespread 500 Internal Server Errors
On December 5, 2025, Cloudflare experienced a service disruption that resulted in widespread 500 Internal Server Errors across websites using its services. Users attempting to access these sites encountered server-side errors, indicating a problem with Cloudflare's infrastructure. This disruption highlights the dependency of many websites on Cloudflare for performance and security.
- Cloudflare down, websites offline with 500 Internal Server Error — www.bleepingcomputer.com — 05.12.2025 11:01
Information Snippets
- Cloudflare's service disruption resulted in 500 Internal Server Errors for users trying to access affected websites.
First reported: 05.12.2025 11:01 (1 source, 1 article)
- Cloudflare down, websites offline with 500 Internal Server Error — www.bleepingcomputer.com — 05.12.2025 11:01
- The 500 error indicates a server-side issue rather than a problem with the user's device or internet connection.
First reported: 05.12.2025 11:01 (1 source, 1 article)
- Cloudflare down, websites offline with 500 Internal Server Error — www.bleepingcomputer.com — 05.12.2025 11:01
- The disruption underscores the dependency of many websites on Cloudflare for performance and security.
First reported: 05.12.2025 11:01 (1 source, 1 article)
- Cloudflare down, websites offline with 500 Internal Server Error — www.bleepingcomputer.com — 05.12.2025 11:01
Similar Happenings
Critical React Server Components (RSC) Bugs Enable Unauthenticated Remote Code Execution
A critical security vulnerability (CVE-2025-55182, CVSS 10.0) in React Server Components (RSC) allows unauthenticated remote code execution due to unsafe deserialization of payloads. The flaw affects multiple versions of React and Next.js, potentially impacting any application using RSC. The issue has been patched, but 39% of cloud environments remain vulnerable.

Cloudflare experienced a widespread outage due to an emergency patch for this vulnerability, and multiple China-linked hacking groups have begun exploiting it. NHS England National CSOC has warned of the likelihood of continued exploitation in the wild. Major companies such as Google Cloud, AWS, and Cloudflare immediately responded to the vulnerability.

The security researcher Lachlan Davidson disclosed the vulnerability on November 29, 2025, to the Meta team. The flaw has been dubbed React2Shell, a nod to the Log4Shell vulnerability discovered in 2021. The US National Vulnerability Database (NVD) rejected CVE-2025-66478 as a duplicate of CVE-2025-55182.

Exploitation success rate is reported to be nearly 100% in default configurations. React servers that use React Server Function endpoints are known to be vulnerable. The Next.js web application is also vulnerable in its default configuration.

At the time of writing, it is unknown if active exploitation has occurred, but there have been some reports of observed exploitation activity as of December 5, 2026. OX Security warned that the flaw is now actively exploitable on December 5, around 10am GMT. Hacker maple3142 published a working PoC, and OX Security successfully verified it. JFrog identified fake proof-of-concepts (PoC) on GitHub, warning security teams to verify sources before testing.

Cloudflare started investigating issues on December 5 at 08:56 UTC, and a fix was rolled out within half an hour, but by that time outages had been reported by several major internet services, including Zoom, LinkedIn, Coinbase, DoorDash, and Canva.