From 00909161186738e73176d1991352f05c00fa217e Mon Sep 17 00:00:00 2001 From: ah-young Date: Thu, 23 Oct 2025 13:54:33 +0800 Subject: [PATCH 1/2] Add Change log for WAF Emergency release on Oct 23. --- .../waf/2025-10-23-emergency-waf-release.mdx | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx diff --git a/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx b/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx new file mode 100644 index 000000000000000..6a70648aa603d30 --- /dev/null +++ b/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx @@ -0,0 +1,43 @@ +--- +title: "WAF Release - 2025-10-23 - Emergency" +description: Cloudflare WAF managed rulesets 2025-10-23 emergency release +date: 2025-10-23 +--- + +import { RuleID } from "~/components"; + +This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source, linked to CVE-2025-54236. + +**Key Findings** + +This vulnerability allows unauthenticated attackers to take over customer accounts through the Commerce REST API and, in certain configurations, may lead to remote code execution. The latest update enhances detection logic to provide more resilient protection against exploitation attempts. +**Impact** + +Adobe Commerce (CVE-2025-54236): Exploitation may allow attackers to hijack sessions, execute arbitrary commands, steal data, and disrupt storefronts, resulting in confidentiality and integrity risks for merchants. Administrators are strongly encouraged to apply vendor patches without delay. + + + + + + + + + + + + + + + + + + + + + + + + +
RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
Cloudflare Managed Ruleset + + N/AAdobe Commerce - Remote Code Execution - CVE:CVE-2025-54236N/ABlockThis is a New Detection
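Review bot: The prose and the table row disagree on whether this is a new rule or a change to an existing one. The intro and Key Findings say "enhancements to detection signatures" and "The latest update enhances detection logic", while the row has Previous Action N/A, New Action Block and the comment "This is a New Detection". Make them agree, because readers use this entry to tell whether a rule they already tuned has changed or whether a new rule is about to start blocking traffic. The opening "This week highlights" also reads like the weekly release template; for an emergency release, say so in the first sentence. Finally, the rule description is "Remote Code Execution", but Key Findings leads with customer account takeover through the Commerce REST API and mentions RCE only "in certain configurations"; one sentence stating which of these the rule is meant to cover would remove the ambiguity.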
From ab47b31b603ddfeaf1cb3fe802cddc7d5ea9415d Mon Sep 17 00:00:00 2001 From: ah-young Date: Thu, 23 Oct 2025 14:16:13 +0800 Subject: [PATCH 2/2] add new line to modify format --- src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx b/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx index 6a70648aa603d30..968037a9f6bf67c 100644 --- a/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx +++ b/src/content/changelog/waf/2025-10-23-emergency-waf-release.mdx @@ -11,6 +11,7 @@ This week highlights enhancements to detection signatures improving coverage for **Key Findings** This vulnerability allows unauthenticated attackers to take over customer accounts through the Commerce REST API and, in certain configurations, may lead to remote code execution. The latest update enhances detection logic to provide more resilient protection against exploitation attempts. + **Impact** Adobe Commerce (CVE-2025-54236): Exploitation may allow attackers to hijack sessions, execute arbitrary commands, steal data, and disrupt storefronts, resulting in confidentiality and integrity risks for merchants. Administrators are strongly encouraged to apply vendor patches without delay.
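Review bot: The blank line added before `**Impact**` only repairs formatting introduced in patch 1/2, so squash it into that commit instead of landing it separately. If it stays a separate commit, the subject "add new line to modify format" should name what is fixed, for example that the `**Impact**` heading was running into the Key Findings paragraph.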