Cloudflare Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Taksh Shah (@takshshahh) reported 5 minutes ago

  @Thom_K_NL @Cloudflare Well the dashboard wouldn't even open for me yesterday so I'll say they have bigger issues

• 
  Bundle o' Ponies ∇θΔ (@ChiefWonderbolt) reported 6 minutes ago

  @FlorePvppy kept getting cloudflare issues :/

• 
  dawgyg - WoH (@thedawgyg) reported 9 minutes ago

  @UK_Daniel_Card @Cloudflare they are having a problem

• 
  System Architect (@SystemArch_AI) reported 13 minutes ago

  @rezoundous workers for cloudflare run on pure caffeine and spite, that edge network is a cheat code for solo devs

• 
  woner (@mywoner) reported 16 minutes ago

  Cloudflare is down again. Well, it's my leisure time for now

• 
  Neo (@cjsneo) reported 16 minutes ago

  cloudflare do such a good job on their services, but their actual interface is a total crock of ****. cant even log in half the time

• 
  henrique cunha (@henrycunh) reported 19 minutes ago

  the codex mobile app is fantastic holy **** only lacking a tunnel to localhost by default, but cloudflare tunnel quickly fixes it

• 
  Ammar Alakkad (@AmmarCodes) reported 20 minutes ago

  My study plan lives in Obsidian as markdown files. I set up @_HermesAgent to send me a daily briefing with today's material, linked directly to the file in Obsidian. Problem: Telegram doesn't support obsidian:// URIs. Solution: A Cloudflare redirect rule to → obsidian://open?vault=obsidian&file=X Now one tap in Telegram opens the right note in Obsidian. ✨

• 
  George Saoulidis (@georgecursor) reported 21 minutes ago

  @nakadai_mon @levelsio Storage of what? It's all on cloudflare. I run the literally named "newsletter" plugin on my wordpress and vibe coded a hack to use cloudflare instead of SMTP service. Need the plugin to handle subscribers and unsubscribes, otherwise Hermes can just shoot emails through cloudflare with no problem.

• 
  Aiona Edge (@aionaedge) reported 22 minutes ago

  Anthropic's Project Glasswing just released its first results, and the headline is staggering: Claude Mythos Preview has uncovered more than 10,000 high- or critical-severity vulnerabilities across partner software in just one month. Cloudflare alone found 2,000 bugs (400 high/critical). Mozilla patched 271 Firefox vulnerabilities — ten times what the previous Claude model caught. Palo Alto Networks shipped five times its normal patch volume. Microsoft says its patch releases will "continue trending larger for some time." But here's what the headlines are missing. **WHAT EVERYONE IS SAYING** The coverage reads like a cybersecurity breakthrough story. AI finds bugs! Software gets safer! Anthropic saves the internet! The narrative writes itself — a frontier AI model deployed responsibly through controlled partnerships, finding real vulnerabilities before bad actors can exploit them. It's the "responsible AI" story everyone wants to believe. And to be clear: the numbers are real. Anthropic independently scanned 1,000 open-source projects and found 6,202 high- or critical-severity vulnerabilities, with a 90.6% true positive rate after third-party verification. A Mythos-powered tool at a partner bank caught a $1.5M fraudulent wire transfer. The UK's AI Security Institute confirmed Mythos is the first model to fully solve both of its in-house cyber range simulations. These are not demo numbers. This is production-grade capability. **WHAT'S ACTUALLY GOING ON** Here's the part that should keep security leaders up at night: of those 23,019 total vulnerabilities Mythos found in open-source projects, only 97 have been patched. 97 out of 23,019. The bug-finding capacity of AI has completely outpaced the bug-fixing capacity of the humans who maintain the software the entire world runs on. Open-source maintainers have literally asked Anthropic to slow down disclosures because they can't keep up. The average fix time for a high- or critical-severity bug is two weeks. Anthropic's model finds them in hours. That's not a feature — that's a systemic risk multiplier. And Anthropic themselves are saying this explicitly. They write: "No company, including Anthropic, has built safeguards strong enough to stop misuse of these models and prevent serious damage." They note that Mythos-class capabilities will soon be widely available. OpenAI's GPT-5.5 is already competitive on these benchmarks, with a specialized GPT-5.5 Cyber variant available to vetted researchers. The asymmetric advantage attackers get from this — the ability to find and weaponize vulnerabilities at machine speed — is not theoretical. It is the current reality. Consider the math: a Mythos-class model can find a critical vulnerability in hours. The average time to patch is two weeks. That gap — call it the "exposure window" — just widened from a crack to a canyon. And it's not just zero-days anymore. It's thousands of known-but-unpatched vulnerabilities sitting in open-source infrastructure that the entire internet depends on. **WHAT THIS MEANS FOR BUSINESS LEADERS** 1. **Your patch cadence is now a competitive vulnerability.** If your organization patches on a monthly cycle, you're operating on a timescale that AI attackers have already left behind. The companies that will survive the next 24 months are the ones that can patch in days, not weeks. Audit your patch management process right now. If it takes you longer than 72 hours from patch availability to deployment for critical vulnerabilities, you are exposed. 2. **Open-source risk has fundamentally changed.** If you're running open-source infrastructure (and you are — the average enterprise has thousands of OSS dependencies), the old assumption was that obscurity provided some protection. That assumption is dead. Every unpatched vulnerability in every project you depend on is now findable by machine. Map your dependencies, identify which projects have small maintainer teams, and start contributing resources to their security. 3. **AI security tools are no longer optional — they're existential.** The same capability that finds 10,000 vulnerabilities can also exploit them. If your security team isn't using AI-powered vulnerability detection and response tools right now, you're defending a castle with medieval weapons against an army that has aerial reconnaissance. Budget for this in Q3, not next year's plan. 4. **The "responsible deployment" window is closing.** Anthropic is holding Mythos Preview back from public release specifically because they can't guarantee it won't be misused. But they acknowledge comparable models are coming. The period where only vetted partners have this capability is temporary. Your security planning should assume widespread availability by end of 2026. The real story of Project Glasswing isn't that AI can find bugs. It's that AI has exposed a structural weakness in how the world maintains its critical software. We built a civilization on open-source code maintained by underfunded teams, and we just gave everyone — defenders and attackers alike — a map of every crack in the foundation. The question isn't whether AI will make software more secure eventually. It almost certainly will. The question is what happens in the transition — and whether we can close the gap between finding flaws and fixing them before someone else exploits them first. #ProjectGlasswing #Cybersecurity #AISafety

• 
  Nick (@trannolis) reported 27 minutes ago

  @Cloudflare is perfectly positioned for the agent economy. I'm running OAuth, Zero Trust tunnels, and Workers handling Streamable HTTP MCP calls back to my servers. The combo of serverless + secure connectivity + native MCP support is insane for production agents.

• 
  Néstor (@nstlopez) reported 27 minutes ago

  Small Cloudflare Workers deploy debugging note: If "wrangler secret bulk --env ..." fails before deploy with code 10214, check the Worker’s latest version state. The problem may not be your secret value. Cloudflare can reject settings edits when the latest version has modified settings but is not currently deployed.

• 
  Robert Ta (@therobertta_) reported 29 minutes ago

  The Cloudflare encryption story proves it. A junior engineer walked into Matthew Prince's office: "Boss, would not a better internet be an encrypted internet? So why are we charging for encryption?" This was their number one revenue driver. Prince said: "Let us figure it out." They drove costs down, gave encryption away free, and became a $70B company.

• 
  Jordan Coeyman (@acoyfellow) reported 30 minutes ago

  @codependent_ai @Cloudflare our free tier is unmatched, as far as I know.. I just became a employee, but I've been a customer for a decade.

• 
  Cristian (@XCSme) reported 31 minutes ago

  @Cloudflare How do I login if the passkey was created on Apple and I want to login on a PC?