CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3125

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs. For example: https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services. Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests. Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible. This could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.9%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2026-3125

Opennextjs » Opennext For Cloudflare » Version: 0.0.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.0.3
Opennextjs » Opennext For Cloudflare » Version: 0.1.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.1.0
Opennextjs » Opennext For Cloudflare » Version: 0.1.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.1.1
Opennextjs » Opennext For Cloudflare » Version: 0.2.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.2.0
Opennextjs » Opennext For Cloudflare » Version: 0.2.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.2.1
Opennextjs » Opennext For Cloudflare » Version: 0.3.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.0
Opennextjs » Opennext For Cloudflare » Version: 0.3.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.1
Opennextjs » Opennext For Cloudflare » Version: 0.3.10

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.10
Opennextjs » Opennext For Cloudflare » Version: 0.3.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.2
Opennextjs » Opennext For Cloudflare » Version: 0.3.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.3
Opennextjs » Opennext For Cloudflare » Version: 0.3.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.4
Opennextjs » Opennext For Cloudflare » Version: 0.3.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.5
Opennextjs » Opennext For Cloudflare » Version: 0.3.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.6
Opennextjs » Opennext For Cloudflare » Version: 0.3.7

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.7
Opennextjs » Opennext For Cloudflare » Version: 0.3.8

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.8
Opennextjs » Opennext For Cloudflare » Version: 0.3.9

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.3.9
Opennextjs » Opennext For Cloudflare » Version: 0.4.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.0
Opennextjs » Opennext For Cloudflare » Version: 0.4.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.1
Opennextjs » Opennext For Cloudflare » Version: 0.4.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.2
Opennextjs » Opennext For Cloudflare » Version: 0.4.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.3
Opennextjs » Opennext For Cloudflare » Version: 0.4.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.4
Opennextjs » Opennext For Cloudflare » Version: 0.4.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.5
Opennextjs » Opennext For Cloudflare » Version: 0.4.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.6
Opennextjs » Opennext For Cloudflare » Version: 0.4.7

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.7
Opennextjs » Opennext For Cloudflare » Version: 0.4.8

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.4.8
Opennextjs » Opennext For Cloudflare » Version: 0.5.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.0
Opennextjs » Opennext For Cloudflare » Version: 0.5.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.1
Opennextjs » Opennext For Cloudflare » Version: 0.5.10

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.10
Opennextjs » Opennext For Cloudflare » Version: 0.5.11

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.11
Opennextjs » Opennext For Cloudflare » Version: 0.5.12

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.12
Opennextjs » Opennext For Cloudflare » Version: 0.5.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.2
Opennextjs » Opennext For Cloudflare » Version: 0.5.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.3
Opennextjs » Opennext For Cloudflare » Version: 0.5.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.4
Opennextjs » Opennext For Cloudflare » Version: 0.5.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.5
Opennextjs » Opennext For Cloudflare » Version: 0.5.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.6
Opennextjs » Opennext For Cloudflare » Version: 0.5.7

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.7
Opennextjs » Opennext For Cloudflare » Version: 0.5.8

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.8
Opennextjs » Opennext For Cloudflare » Version: 0.5.9

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.5.9
Opennextjs » Opennext For Cloudflare » Version: 0.6.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.0
Opennextjs » Opennext For Cloudflare » Version: 0.6.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.1
Opennextjs » Opennext For Cloudflare » Version: 0.6.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.2
Opennextjs » Opennext For Cloudflare » Version: 0.6.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.3
Opennextjs » Opennext For Cloudflare » Version: 0.6.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.4
Opennextjs » Opennext For Cloudflare » Version: 0.6.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.5
Opennextjs » Opennext For Cloudflare » Version: 0.6.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:0.6.6
Opennextjs » Opennext For Cloudflare » Version: 1.0.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.0.0
Opennextjs » Opennext For Cloudflare » Version: 1.0.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.0.1
Opennextjs » Opennext For Cloudflare » Version: 1.0.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.0.2
Opennextjs » Opennext For Cloudflare » Version: 1.0.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.0.3
Opennextjs » Opennext For Cloudflare » Version: 1.0.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.0.4
Opennextjs » Opennext For Cloudflare » Version: 1.1.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.1.0
Opennextjs » Opennext For Cloudflare » Version: 1.10.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.10.0
Opennextjs » Opennext For Cloudflare » Version: 1.10.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.10.1
Opennextjs » Opennext For Cloudflare » Version: 1.11.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.11.0
Opennextjs » Opennext For Cloudflare » Version: 1.11.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.11.1
Opennextjs » Opennext For Cloudflare » Version: 1.12.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.12.0
Opennextjs » Opennext For Cloudflare » Version: 1.13.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.13.0
Opennextjs » Opennext For Cloudflare » Version: 1.13.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.13.1
Opennextjs » Opennext For Cloudflare » Version: 1.14.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.0
Opennextjs » Opennext For Cloudflare » Version: 1.14.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.1
Opennextjs » Opennext For Cloudflare » Version: 1.14.10

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.10
Opennextjs » Opennext For Cloudflare » Version: 1.14.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.2
Opennextjs » Opennext For Cloudflare » Version: 1.14.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.3
Opennextjs » Opennext For Cloudflare » Version: 1.14.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.4
Opennextjs » Opennext For Cloudflare » Version: 1.14.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.5
Opennextjs » Opennext For Cloudflare » Version: 1.14.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.6
Opennextjs » Opennext For Cloudflare » Version: 1.14.7

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.7
Opennextjs » Opennext For Cloudflare » Version: 1.14.8

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.8
Opennextjs » Opennext For Cloudflare » Version: 1.14.9

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.14.9
Opennextjs » Opennext For Cloudflare » Version: 1.15.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.15.0
Opennextjs » Opennext For Cloudflare » Version: 1.15.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.15.1
Opennextjs » Opennext For Cloudflare » Version: 1.16.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.0
Opennextjs » Opennext For Cloudflare » Version: 1.16.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.1
Opennextjs » Opennext For Cloudflare » Version: 1.16.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.2
Opennextjs » Opennext For Cloudflare » Version: 1.16.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.3
Opennextjs » Opennext For Cloudflare » Version: 1.16.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.4
Opennextjs » Opennext For Cloudflare » Version: 1.16.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.5
Opennextjs » Opennext For Cloudflare » Version: 1.16.6

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.16.6
Opennextjs » Opennext For Cloudflare » Version: 1.17.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.17.0
Opennextjs » Opennext For Cloudflare » Version: 1.2.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.2.0
Opennextjs » Opennext For Cloudflare » Version: 1.2.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.2.1
Opennextjs » Opennext For Cloudflare » Version: 1.3.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.3.0
Opennextjs » Opennext For Cloudflare » Version: 1.3.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.3.1
Opennextjs » Opennext For Cloudflare » Version: 1.4.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.4.0
Opennextjs » Opennext For Cloudflare » Version: 1.5.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.5.0
Opennextjs » Opennext For Cloudflare » Version: 1.5.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.5.1
Opennextjs » Opennext For Cloudflare » Version: 1.5.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.5.2
Opennextjs » Opennext For Cloudflare » Version: 1.5.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.5.3
Opennextjs » Opennext For Cloudflare » Version: 1.6.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.0
Opennextjs » Opennext For Cloudflare » Version: 1.6.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.1
Opennextjs » Opennext For Cloudflare » Version: 1.6.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.2
Opennextjs » Opennext For Cloudflare » Version: 1.6.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.3
Opennextjs » Opennext For Cloudflare » Version: 1.6.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.4
Opennextjs » Opennext For Cloudflare » Version: 1.6.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.6.5
Opennextjs » Opennext For Cloudflare » Version: 1.7.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.7.0
Opennextjs » Opennext For Cloudflare » Version: 1.7.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.7.1
Opennextjs » Opennext For Cloudflare » Version: 1.8.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.0
Opennextjs » Opennext For Cloudflare » Version: 1.8.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.1
Opennextjs » Opennext For Cloudflare » Version: 1.8.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.2
Opennextjs » Opennext For Cloudflare » Version: 1.8.3

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.3
Opennextjs » Opennext For Cloudflare » Version: 1.8.4

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.4
Opennextjs » Opennext For Cloudflare » Version: 1.8.5

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.8.5
Opennextjs » Opennext For Cloudflare » Version: 1.9.0

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.9.0
Opennextjs » Opennext For Cloudflare » Version: 1.9.1

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.9.1
Opennextjs » Opennext For Cloudflare » Version: 1.9.2

cpe:2.3:a:opennextjs:opennext_for_cloudflare:1.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3125

Products

Pricing

Contact Us