On December 5, 2025, Cloudflare went down — briefly, but enough to jolt the internet. Websites and apps people use daily, from crypto exchanges to stock brokers and trading platforms, suddenly became unreachable.
What you should know — fast:
- The outage lasted about 25–30 minutes, but hit major services globally.
- It was triggered by an emergency firewall change to mitigate a critical vulnerability in React Server Components (CVE-2025-55182, AKA “React2Shell”).
- Among impacted platforms: global services like Coinbase and AI apps — and Indian trading platforms such as Zerodha, Groww, and others.
- This isn’t the first time recently — Cloudflare also suffered a massive outage on November 18, 2025.
- The disruption underlines a bigger truth: a few infrastructure companies power a huge chunk of the internet — when they wobble, we all feel it.
What Happened — Under the Hood
Cloudflare’s December outage wasn’t because of a hack or an attack. According to its own report, the disruption began when the company deployed a change to its Web Application Firewall (WAF). The update aimed to block exploits targeting a newly disclosed remote-code-execution vulnerability in React Server Components — dubbed “React2Shell.”
The change accidentally corrupted how the firewall parsed web requests. That caused widespread “500 Internal Server” and “Bad Gateway” errors across many sites and services.
Engineers rolled back the change — and within about 25 minutes, services started returning to normal.
Who Got Hit — And Why It Matters
Because Cloudflare acts as a backbone for vast parts of the internet, the outage had ripple effects everywhere. Among affected services:
- Global platforms like crypto exchanges, AI-powered sites and APIs, and SaaS tools.
- Indian brokerage and fintech platforms such as Zerodha, Groww, and a few others — users reported login failures, inability to trade, app & website downtime.
Because so many services rely on Cloudflare for traffic delivery and security, the outage highlighted a fragility in how we build and consume online services. What happens when a firewall tweak brings the web to its knees?
History’s Not On Its Side — Cloudflare’s Outage Track Record
This December glitch comes barely weeks after another major outage on November 18, 2025 — which was triggered by a bug in Cloudflare’s “Bot Management” configuration system. That earlier disruption knocked out a large portion of popular websites, including big names like ChatGPT, Spotify, Canva, X (formerly Twitter) and many more.
At the time, Cloudflare itself called that outage the worst since 2019.
So this recent outage isn’t just a blip — it adds to a concerning pattern.
What This Means for Users and Businesses
- Overdependence Risk: A lot of websites — from global platforms to localized fintech startups — use centralized services like Cloudflare. That makes the entire internet vulnerable to small internal glitches.
- Need for Redundancy: Businesses that rely on such infrastructure should consider backup or multi-CDN/ multi-CDN-plus-self-hosting strategies.
- Transparency Matters: This outage shows how critical transparency and communication are — Cloudflare acknowledged the issue quickly and rolled back the faulty update. For users and businesses, this kind of clarity builds trust.
- Stay Alert to Vulnerabilities: The root cause was a patch for a major vulnerability (React2Shell). It’s a reminder — vulnerabilities in frameworks or libraries can have cascading consequences far beyond code — affecting entire networks.
Final Thoughts
The internet doesn’t break often — but when it does, the impact is immediate and global. Cloudflare’s December 5 outage might have lasted just half an hour, but it brought a large piece of the web down — from crypto exchanges to Indian trading apps.
We are living in a world where a handful of infrastructure firms power much of the internet. That makes reliability and careful change management absolutely critical. As users or as businesses, the takeaway is clear: don’t take internet stability for granted.
Disclaimer: This post is based on publicly available media reports and Cloudflare’s own communications. The situation might evolve as more details emerge.