CVE-2026-1664: CWE-639 Authorization Bypass Through User-Controlled Key
Summary
An Insecure Direct Object Reference has been found in the `createHeaderBasedEmailResolver()` function within the Cloudflare Agents SDK. The issue occurs because the `Message-ID` and `References` headers are parsed to derive the target agentName and agentId without proper validation or origin checks, allowing an external attacker with control of these headers to route inbound mail to arbitrary Durable Object instances and namespaces.
Root cause
The `createHeaderBasedEmailResolver()` function lacks cryptographic verification or origin validation for the headers used in the routing logic, effectively allowing external input to dictate internal object routing.
Impact
Insecure Direct Object Reference (IDOR) in email routing lets an attacker steer inbound mail to arbitrary Agent instances via a spoofed Message-ID.
Mitigation:
* PR: https://github.com/cloudflare/agents/blob/main/docs/email.md provides the necessary architectural context for coding agents to mitigate the issue by refactoring the resolver to enforce strict identity boundaries.
* Agents SDK users should upgrade to agents@0.3.7.
AI Analysis
Technical Summary
CVE-2026-1664 is a medium-severity vulnerability classified as CWE-639: Authorization Bypass Through User-Controlled Key, found in the Cloudflare Agents SDK version 0.0.104. The vulnerability exists in the createHeaderBasedEmailResolver() function, which is responsible for routing inbound emails to specific Durable Object instances based on the Message-ID and References headers. These headers are parsed without cryptographic verification or origin validation, allowing an attacker to craft spoofed email headers that manipulate the routing logic. This results in an Insecure Direct Object Reference (IDOR) where an attacker can redirect inbound mail to arbitrary agentName and agentId Durable Object instances and namespaces. Since the routing decision is based on untrusted external input, attackers can bypass intended authorization boundaries and potentially intercept, redirect, or disrupt email processing workflows. The vulnerability does not require authentication or user interaction, increasing its exploitability. The CVSS 4.0 vector (AV:N/AC:L/AT:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N) indicates network attack vector, low complexity, no privileges or user interaction needed, with low impact on confidentiality and integrity and no impact on availability. Cloudflare has provided mitigation guidance through architectural refactoring to enforce strict identity boundaries and recommends upgrading to agents@0.3.7, which addresses the issue by implementing proper validation and origin checks on the headers used for routing.
Potential Impact
For European organizations, this vulnerability poses a risk to the confidentiality and integrity of inbound email processing when using the affected Cloudflare Agents SDK version 0.0.104. Attackers can exploit the flaw to reroute emails to unauthorized Durable Object instances, potentially enabling interception or manipulation of sensitive communications. This could lead to data leakage, unauthorized access to internal email workflows, or disruption of email-based automation and agent processing. Organizations relying on Cloudflare's Durable Objects for email routing, especially in sectors like finance, government, and critical infrastructure, may face increased risk of targeted attacks. The lack of authentication and user interaction requirements means that exploitation can be automated and performed remotely over the network, increasing the threat surface. While no known exploits are currently reported in the wild, the medium severity rating and ease of exploitation warrant prompt attention. Failure to mitigate could result in reputational damage, regulatory non-compliance (e.g., GDPR breaches due to unauthorized data access), and operational disruptions.
Mitigation Recommendations
European organizations using Cloudflare Agents SDK version 0.0.104 should immediately upgrade to version agents@0.3.7, which includes fixes for this vulnerability. Beyond upgrading, developers should refactor their email routing logic to enforce strict identity boundaries, ensuring that routing decisions are based on cryptographically verified or origin-validated headers rather than untrusted external input. Implementing cryptographic signatures or token-based validation on email headers can prevent spoofing. Additionally, organizations should audit their use of Durable Objects in email processing to identify any unauthorized routing paths. Monitoring inbound email traffic for anomalous Message-ID or References header patterns can help detect exploitation attempts. Incorporating network-level protections such as email gateway filtering, SPF, DKIM, and DMARC enforcement will reduce the risk of header spoofing. Finally, organizations should review and update incident response plans to include scenarios involving email routing manipulation.
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: cloudflare
- Date Reserved: 2026-01-29T21:09:21.411Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6981e349f9fa50a62fc25650
Added to database: 2/3/2026, 12:00:09 PM
Last enriched: 2/3/2026, 12:14:26 PM
Last updated: 2/3/2026, 4:29:34 PM