Aggregates CVE and security vulnerability intelligence across all Cloudflare-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation, vendor risk path handling, and vendor risk buffer overflow, with potential vendor impact application crash across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-24356 | `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, `cloudflared` searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes this issue. | [email protected] | 6.4 | 0.34% | 2020-10-02 | 2026-06-16 |