Blog

This week’s emergency release introduces a new rule to block a critical RCE vulnerability in widely-used web frameworks through unsafe deserialization patterns.

Key Findings

New WAF rule deployed for RCE Generic Framework to block malicious POST requests containing unsafe deserialization patterns. If successfully exploited, this vulnerability allows attackers with network access via HTTP to execute arbitrary code remotely.

Impact

• Successful exploitation allows unauthenticated attackers to execute arbitrary code remotely through crafted serialization payloads, enabling complete system compromise, data exfiltration, and potential lateral movement within affected environments.

This week’s release introduces new detections for remote code execution attempts targeting Monsta FTP (CVE-2025-34299), alongside improvements to an existing XSS detection to enhance coverage.

Key Findings

• CVE-2025-34299 is a critical remote code execution flaw in Monsta FTP, arising from improper handling of user-supplied parameters within the file-handling interface. Certain builds allow crafted requests to bypass sanitization and reach backend PHP functions that execute arbitrary commands. Attackers can send manipulated parameters through the web panel to trigger command execution within the application’s runtime environment.

Impact

If exploited, the vulnerability enables full remote command execution on the underlying server, allowing takeover of the hosting environment, unauthorized file access, and potential lateral movement. As the flaw can be triggered without authentication on exposed Monsta FTP instances, it represents a severe risk for publicly reachable deployments.

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

The latest release of @cloudflare/agents brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.

Resumable streaming

AIChatAgent now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

• Long-running AI responses
• Users on unreliable networks
• Users switching between devices mid-conversation
• Background tasks where users navigate away and return
• Real-time collaboration where multiple clients need to stay in sync

Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.

Other improvements

• Default JSON schema validator added to MCP client
• Schedules can now safely destroy the agent

MCP client API improvements

The MCPClientManager API has been redesigned for better clarity and control:

• New registerServer() method: Register MCP servers without immediately connecting
• New connectToServer() method: Establish connections to registered servers
• Improved reconnect logic: restoreConnectionsFromStorage() now properly handles failed connections

// Register a server to Agent
const { id } = await this.mcp.registerServer({
  name: "my-server",
  url: "https://my-mcp-server.example.com",
});

// Connect when ready
await this.mcp.connectToServer(id);

// Discover tools, prompts and resources
await this.mcp.discoverIfConnected(id);

The SDK now includes a formalized MCPConnectionState enum with states: idle, connecting, authenticating, connected, discovering, and ready.

Enhanced MCP discovery

MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The MCPClientConnection class now includes a dedicated discover() method with improved reliability:

• Supports cancellation via AbortController
• Configurable timeout (default 15s)
• Discovery failures now throw errors immediately instead of silently continuing

Bug fixes

• Fixed a bug where schedules meant to fire immediately with this.schedule(0, …) or this.schedule(new Date(), ...) would not fire
• Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
• Fixed SSE transport now properly forwards session IDs and request headers
• Fixed AI SDK stream events convertion to UIMessageStreamPart

Upgrade

To update to the latest version:

npm i agents@latest

We’ve partnered with Black Forest Labs (BFL) to bring their latest FLUX.2 [dev] model to Workers AI! This model excels in generating high-fidelity images with physical world grounding, multi-language support, and digital asset creation. You can also create specific super images with granular controls like JSON prompting.

Read the BFL blog to learn more about the model itself. Read our Cloudflare blog to see the model in action, or try it out yourself on our multi modal playground.

Pricing documentation is available on the model page or pricing page. Note, we expect to drop pricing in the next few days after iterating on the model performance.

Workers AI Platform specifics

The model hosted on Workers AI is able to support up to 4 image inputs (512×512 per input image). Note, this image model is one of the most powerful in the catalog and is expected to be slower than the other image models we currently support. One catch to look out for is that this model takes multipart form data inputs, even if you just have a prompt.

With the REST API, the multipart form data input looks like this:

curl --request POST 
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-dev' 
  --header 'Authorization: Bearer {TOKEN}' 
  --header 'Content-Type: multipart/form-data' 
  --form 'prompt=a sunset at the alps' 
  --form steps=25
  --form width=1024
  --form height=1024

With the Workers AI binding, you can use it as such:

const form = new FormData();
form.append('prompt', 'a sunset with a dog');
form.append('width', '1024');
form.append('height', '1024');

//this dummy request is temporary hack
//we're pushing a change to address this soon
const formRequest = new Request('http://dummy', {
  method: 'POST',
  body: form
});
const formStream = formRequest.body;
const formContentType = formRequest.headers.get('content-type') || 'multipart/form-data';

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-dev", {
  multipart: {
    body: formStream,
    contentType: formContentType
  }
});

The parameters you can send to the model are detailed here:

## Multi-Reference Images

The FLUX.2 model is great at generating images based on reference images. You can use this feature to apply the style of one image to another, add a new character to an image, or iterate on past generate images. You would use it with the same multipart form data structure, with the input images in binary.

For the prompt, you can reference the images based on the index, like `take the subject of image 1 and style it like image 0` or even use natural language like `place the dog beside the woman`.

Note: you have to name the input parameter as `input_image_0`, `input_image_1`, `input_image_2` for it to work correctly. All input images must be smaller than 512x512.

```bash
curl --request POST 
  --url 'https://api.cloudflare.com/client/v4/accounts/{ACCOUNT}/ai/run/@cf/black-forest-labs/flux-2-dev' 
  --header 'Authorization: Bearer {TOKEN}' 
  --header 'Content-Type: multipart/form-data' 
  --form 'prompt=take the subject of image 1 and style it like image 0' 
  --form input_image_0=@/Users/johndoe/Desktop/icedoutkeanu.png 
  --form input_image_1=@/Users/johndoe/Desktop/me.png 
  --form steps=25
  --form width=1024
  --form height=1024

Through Workers AI Binding:

//helper function to convert ReadableStream to Blob
async function streamToBlob(stream: ReadableStream, contentType: string): Promise<Blob> {
  const reader = stream.getReader();
  const chunks = [];

  while (true) {
    const { done, value } = await reader.read();
    if (done) break;
    chunks.push(value);
  }

  return new Blob(chunks, { type: contentType });
}

const image0 = await fetch("http://image-url");
const image1 = await fetch("http://image-url");
const form = new FormData();

const image_blob0 = await streamToBlob(image0.body, "image/png");
const image_blob1 = await streamToBlob(image1.body, "image/png");
form.append('input_image_0', image_blob0)
form.append('input_image_1', image_blob1)
form.append('prompt', 'take the subject of image 1and style it like image 0')

//this dummy request is temporary hack
//we're pushing a change to address this soon
const formRequest = new Request('http://dummy', {
  method: 'POST',
  body: form
});
const formStream = formRequest.body;
const formContentType = formRequest.headers.get('content-type') || 'multipart/form-data';

const resp = await env.AI.run("@cf/black-forest-labs/flux-2-dev", {
    multipart: {
        body: form,
        contentType: "multipart/form-data"
    }
})

JSON Prompting

The model supports prompting in JSON to get more granular control over images. You would pass the JSON as the value of the ‘prompt’ field in the multipart form data. See the JSON schema below on the base parameters you can pass to the model.

{
  "type": "object",
  "properties": {
    "scene": {
      "type": "string",
      "description": "Overall scene setting or location"
    },
    "subjects": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "type": {
            "type": "string",
            "description": "Type of subject (e.g., desert nomad, blacksmith, DJ, falcon)"
          },
          "description": {
            "type": "string",
            "description": "Physical attributes, clothing, accessories"
          },
          "pose": {
            "type": "string",
            "description": "Action or stance"
          },
          "position": {
            "type": "string",
            "enum": ["foreground", "midground", "background"],
            "description": "Depth placement in scene"
          }
        },
        "required": ["type", "description", "pose", "position"]
      }
    },
    "style": {
      "type": "string",
      "description": "Artistic rendering style (e.g., digital painting, photorealistic, pixel art, noir sci-fi, lifestyle photo, wabi-sabi photo)"
    },
    "color_palette": {
      "type": "array",
      "items": { "type": "string" },
      "minItems": 3,
      "maxItems": 3,
      "description": "Exactly 3 main colors for the scene (e.g., ['navy', 'neon yellow', 'magenta'])"
    },
    "lighting": {
      "type": "string",
      "description": "Lighting condition and direction (e.g., fog-filtered sun, moonlight with star glints, dappled sunlight)"
    },
    "mood": {
      "type": "string",
      "description": "Emotional atmosphere (e.g., harsh and determined, playful and modern, peaceful and dreamy)"
    },
    "background": {
      "type": "string",
      "description": "Background environment details"
    },
    "composition": {
      "type": "string",
      "enum": [
        "rule of thirds",
        "circular arrangement",
        "framed by foreground",
        "minimalist negative space",
        "S-curve",
        "vanishing point center",
        "dynamic off-center",
        "leading leads",
        "golden spiral",
        "diagonal energy",
        "strong verticals",
        "triangular arrangement"
      ],
      "description": "Compositional technique"
    },
    "camera": {
      "type": "object",
      "properties": {
        "angle": {
          "type": "string",
          "enum": ["eye level", "low angle", "slightly low", "bird's-eye", "worm's-eye", "over-the-shoulder", "isometric"],
          "description": "Camera perspective"
        },
        "distance": {
          "type": "string",
          "enum": ["close-up", "medium close-up", "medium shot", "medium wide", "wide shot", "extreme wide"],
          "description": "Framing distance"
        },
        "focus": {
          "type": "string",
          "enum": ["deep focus", "macro focus", "selective focus", "sharp on subject", "soft background"],
          "description": "Focus type"
        },
        "lens": {
          "type": "string",
          "enum": ["14mm", "24mm", "35mm", "50mm", "70mm", "85mm"],
          "description": "Focal length (wide to telephoto)"
        },
        "f-number": {
          "type": "string",
          "description": "Aperture (e.g., f/2.8, the smaller the number the more blurry the background)"
        },
        "ISO": {
          "type": "number",
          "description": "Light sensitivity value (comfortable range between 100 & 6400, lower = less sensitivity)"
        }
      }
    },
    "effects": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Post-processing effects (e.g., 'lens flare small', 'subtle film grain', 'soft bloom', 'god rays', 'chromatic aberration mild')"
    }
  },
  "required": ["scene", "subjects"]
}

Other features to try

• The model also supports the most common latin and non-latin character languages
• You can prompt the model with specific hex codes like #2ECC71
• Try creating digital assets like landing pages, comic strips, infographics too!