CVE-2026-1664

Name of the Vulnerable Software and Affected Versions Cloudflare Agents SDK versions prior to 0.3.7

Description An Insecure Direct Object Reference exists in the createHeaderBasedEmailResolver() function. The issue arises because the Message-ID and References headers are parsed to determine the target agentName and agentId without sufficient validation or origin checks. This allows an attacker who can control these headers to route inbound mail to arbitrary Durable Object instances and namespaces. The root cause is a lack of cryptographic verification or origin validation for the headers used in the routing logic, enabling external input to dictate internal object routing. This IDOR in email routing allows an attacker to steer inbound mail to arbitrary Agent instances via a spoofed Message-ID.

Recommendations Upgrade to agents@0.3.7 to resolve the issue. Refactor the resolver to enforce strict identity boundaries, as described in the provided PR.