CVE-2026-1664
Unknown Unknown - Not Provided
IDOR in Cloudflare Agents SDK Email Routing Enables Mail Hijacking

Publication date: 2026-02-03

Last updated on: 2026-02-03

Assigner: Cloudflare, Inc.

Description
Summary An Insecure Direct Object Reference has been found to exist in `createHeaderBasedEmailResolver()` function within the Cloudflare Agents SDK. The issue occurs because the `Message-ID` and `References` headers are parsed to derive the target agentName and agentId without proper validation or origin checks, allowing an external attacker with control of these headers to route inbound mail to arbitrary Durable Object instances and namespaces . Root cause The `createHeaderBasedEmailResolver()` function lacks cryptographic verification or origin validation for the headers used in the routing logic, effectively allowing external input to dictate internal object routing. Impact Insecure Direct Object Reference (IDOR) in email routing lets an attacker steer inbound mail to arbitrary Agent instances via spoofed Message-ID. Mitigation: * PR: https://github.com/cloudflare/agents/blob/main/docs/email.md ] provides the necessary architectural context for coding agents to mitigate the issue by refactoring the resolver to enforce strict identity boundaries. * Agents-sdk users should upgrade to [email protected]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-03
Generated
2026-06-16
AI Q&A
2026-02-03
EPSS Evaluated
2026-06-14
NVD
CVE-2026-1664
EUVD
EUVD-2026-5307
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cloudflare agents 0.3.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Insecure Direct Object Reference (IDOR) found in the createHeaderBasedEmailResolver() function within the Cloudflare Agents SDK. It occurs because the Message-ID and References email headers are parsed without proper validation or origin checks, allowing an attacker who controls these headers to route inbound mail to arbitrary Durable Object instances and namespaces. Essentially, external input can dictate internal routing due to lack of cryptographic verification or origin validation.

Impact Analysis

The vulnerability allows an attacker to manipulate inbound email routing by spoofing the Message-ID and References headers. This lets the attacker steer inbound mail to arbitrary Agent instances, potentially causing unauthorized access or manipulation of mail processing within the Cloudflare Agents environment.

Mitigation Strategies

To mitigate this vulnerability, upgrade to [email protected] and refactor the resolver to enforce strict identity boundaries as described in the architectural context provided in the Cloudflare Agents SDK documentation at https://github.com/cloudflare/agents/blob/main/docs/email.md. [1]

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves the manipulation of the Message-ID and References headers to route inbound mail to arbitrary Durable Object instances without proper validation. Detection would involve monitoring and inspecting inbound email headers for suspicious or unexpected Message-ID and References values that could indicate an attempt to exploit this Insecure Direct Object Reference.'}, {'type': 'paragraph', 'content': "Since the vulnerability is specific to the Cloudflare Agents SDK's email routing logic, detection commands would focus on capturing and analyzing email headers at the network or application level."}, {'type': 'list_item', 'content': 'Use packet capture tools like tcpdump or Wireshark to capture SMTP traffic and inspect Message-ID and References headers for anomalies.'}, {'type': 'list_item', 'content': 'Example tcpdump command to capture SMTP traffic on port 25: sudo tcpdump -i any port 25 -w smtp_traffic.pcap'}, {'type': 'list_item', 'content': 'Use grep or similar tools to search logs or captured data for unusual or unexpected Message-ID or References header values.'}, {'type': 'list_item', 'content': 'Review application logs for inbound mail routing events that reference unexpected agentName or agentId values derived from these headers.'}, {'type': 'paragraph', 'content': 'Ultimately, upgrading to [email protected] and refactoring the resolver as per the mitigation guidance is recommended to prevent exploitation.'}] [1]

Compliance Impact

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1664. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart