Skip to content

Commit 4933aca

Browse files
authored
waf-release-changelog.mdx (#30751)
* Update scheduled-waf-release.mdx * Create 2026-05-11-waf-release.mdx * Update scheduled-waf-release.mdx
1 parent 06b56d5 commit 4933aca

2 files changed

Lines changed: 56 additions & 34 deletions

File tree

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
---
2+
title: "WAF Release - 2026-05-11"
3+
description: Cloudflare WAF managed rulesets 2026-05-11 release
4+
date: 2026-05-11
5+
---
6+
7+
import { RuleID } from "~/components";
8+
9+
**Key Findings**
10+
11+
- Existing rule enhancements have been deployed to improve detection resilience against broad classes of web attacks and strengthen behavioral coverage.
12+
13+
14+
**Continuous Rule Improvements**
15+
16+
We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.
17+
18+
19+
<table style="width: 100%">
20+
<thead>
21+
<tr>
22+
<th>Ruleset</th>
23+
<th>Rule ID</th>
24+
<th>Legacy Rule ID</th>
25+
<th>Description</th>
26+
<th>Previous Action</th>
27+
<th>New Action</th>
28+
<th>Comments</th>
29+
</tr>
30+
</thead>
31+
<tbody>
32+
<tr>
33+
<td>Cloudflare Managed Ruleset</td>
34+
<td>
35+
<RuleID id="23ac4a9e53f94467ba470c9468b3c389" />
36+
</td>
37+
<td>N/A</td>
38+
<td>Remote Code Execution - Java Deserialization - Body - Beta</td>
39+
<td>Block</td>
40+
<td>Disabled</td>
41+
<td>
42+
This is a new detection. This rule is merged into the original rule
43+
"Remote Code Execution - Java Deserialization" (ID:{" "}
44+
<RuleID id="36b0532eb3c941449afed2d3744305c4" />).
45+
</td>
46+
</tr>
47+
</tbody>
48+
</table>
Lines changed: 8 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
---
2-
title: WAF Release - Scheduled changes for 2026-05-11
3-
description: WAF managed ruleset changes scheduled for 2026-05-11
4-
date: 2026-05-04
2+
title: WAF Release - Scheduled changes for 2026-05-18
3+
description: WAF managed ruleset changes scheduled for 2026-05-18
4+
date: 2026-05-11
55
publish_future_dated_entry: true
66
---
77

@@ -21,45 +21,19 @@ import { RuleID } from "~/components";
2121
</thead>
2222
<tbody>
2323
<tr>
24-
<td>2026-05-04</td>
2524
<td>2026-05-11</td>
25+
<td>2026-05-18</td>
2626
<td>Disabled</td>
2727
<td>N/A</td>
2828
<td>
29-
<RuleID id="23ac4a9e53f94467ba470c9468b3c389" />
29+
<RuleID id="bcdcec3ea63a480896513dc39e9c068d" />
3030
</td>
31-
<td>Remote Code Execution - Java Deserialization - Body - Beta</td>
31+
<td>Sitecore - Cache Poisoning - CVE:CVE-2025-53693</td>
3232
<td>
3333
This is a new detection. This rule will be merged into the original rule
3434
"Remote Code Execution - Java Deserialization" (ID:{" "}
35-
<RuleID id="36b0532eb3c941449afed2d3744305c4" />)
35+
<RuleID id="d1bd7563e6254db48ce703807c5b669c" />)
3636
</td>
37-
</tr>
38-
<tr>
39-
<td>2026-05-04</td>
40-
<td>2026-05-11</td>
41-
<td>Disabled</td>
42-
<td>N/A</td>
43-
<td>
44-
<RuleID id="08dc41aba360462497aed46b519e9982" />
45-
</td>
46-
<td>Remote Code Execution - Java Deserialization - Headers</td>
47-
<td>
48-
This is a new detection.
49-
</td>
50-
</tr>
51-
<tr>
52-
<td>2026-05-04</td>
53-
<td>2026-05-11</td>
54-
<td>Disabled</td>
55-
<td>N/A</td>
56-
<td>
57-
<RuleID id="f9a1690105e44d08a74762467fe726a2" />
58-
</td>
59-
<td>Remote Code Execution - Java Deserialization - URI</td>
60-
<td>
61-
This is a new detection.
62-
</td>
63-
</tr>
37+
</tr>
6438
</tbody>
6539
</table>

0 commit comments

Comments
 (0)