🍊柑橘 RSS 阅读器 - 鸿蒙首款原生 RSS 阅读器

Jan 26, 2026

This week’s release introduces new detections for denial-of-service attempts targeting React CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864 ↗).

Key Findings

CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864 ↗) affects react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack packages.
Attackers can send crafted HTTP requests to Server Function endpoints, causing server crashes, out-of-memory exceptions, or excessive CPU usage.

Ruleset	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 1	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 2	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 3	N/A	Block	This is a new detection.

Jan 26, 2026

This week’s release introduces new detections for denial-of-service attempts targeting React CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864 ↗).

Key Findings

CVE-2026-23864 (https://www.cve.org/CVERecord?id=CVE-2026-23864 ↗) affects react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack packages.
Attackers can send crafted HTTP requests to Server Function endpoints, causing server crashes, out-of-memory exceptions, or excessive CPU usage.

Ruleset	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 1	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 2	N/A	Block	This is a new detection.
Cloudflare Managed Ruleset	N/A	React Server - DOS - CVE:CVE-2026-23864 - 3	N/A	Block	This is a new detection.