Release aug 29 2025 (#24806)

* Emergency Aug 29 2025

* Fix

Author: vs-mg

src/content/changelog/waf/2025-08-29-emergency-waf-release.mdx

@@ -0,0 +1,59 @@
+---
+title: "WAF Release - 2025-08-29 - Emergency"
+description: Cloudflare WAF managed rulesets 2025-08-29 emergency release
+date: 2025-08-29
+---
+
+import { RuleID } from "~/components";
+
+**This week's update**
+
+This week, new critical vulnerabilities were disclosed in Next.js’s image optimization functionality, exposing a broad range of production environments to risks of data exposure and cache manipulation.
+
+**Key Findings**
+
+- CVE-2025-55173: Arbitrary file download from the server via image optimization.
+
+- CVE-2025-57752: Cache poisoning leading to unauthorized data disclosure.
+
+**Impact**
+
+Exploitation could expose sensitive files, leak user or backend data, and undermine application trust. Given Next.js’s wide use, immediate patching and cache hardening are strongly advised.
+
+<table style="width: 100%">
+  <thead>
+    <tr>
+      <th>Ruleset</th>
+      <th>Rule ID</th>
+      <th>Legacy Rule ID</th>
+      <th>Description</th>
+      <th>Previous Action</th>
+      <th>New Action</th>
+      <th>Comments</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td>Cloudflare Managed Ruleset</td>
+      <td>
+        <RuleID id="ea55f8aac44246cc9b827eea9ff4bfe3" />
+      </td>
+      <td>100613</td>
+      <td>Next.js - Dangerous File Download - CVE:CVE-2025-55173</td>
+      <td>N/A</td>
+      <td>Block</td>
+      <td>This is a new detection</td>
+    </tr>
+    <tr>
+      <td>Cloudflare Managed Ruleset</td>
+      <td>
+        <RuleID id="e2b2d77a79cc4a76bf7ba53d69b9ea7d" />
+      </td>
+      <td>100616</td>
+      <td>Next.js - Information Disclosure - CVE:CVE-2025-57752</td>
+      <td>N/A</td>
+      <td>Block</td>
+      <td>This is a new detection</td>
+    </tr>
+  </tbody>
+</table>