Browse all 5 CVE security advisories affecting fastly. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fastly provides a content delivery network (CDN) and edge computing platform to optimize website performance and security. Historically, the service has been susceptible to remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from misconfigurations or flaws in its edge logic. In 2020, a critical WAF misconfiguration exposed numerous customer websites, while a 2021 RCE vulnerability in its image optimization service allowed attackers to execute arbitrary code. Despite these incidents, Fastly maintains a relatively low CVE count compared to other major cloud providers, with its security posture generally improving over time through enhanced validation and patching processes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58199 | WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability — FastlyCWE-352 | 4.3 | Medium | 2025-09-22 |
| CVE-2024-34768 | WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability — FastlyCWE-862 | 5.3 | Medium | 2024-06-11 |
| CVE-2024-34803 | WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability — FastlyCWE-862 | 4.3 | Medium | 2024-06-03 |
This page lists every published CVE security advisory associated with fastly. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.