Cloudflare's AI-Built vinext Framework Ships With Critical Security Holes

What Happened

In February 2026, Cloudflare engineering director Steve Faulkner announced vinext — a framework built almost entirely by AI (Claude Opus via OpenCode) that reimplemented 94% of the Next.js API on Vite in roughly one week and approximately $1,100 in API tokens.

The results were impressive on the surface: builds ran 4× faster, bundles were 57% smaller, and the framework passed its own test suite. Cloudflare claimed "customers running in production."

Within days of launch, independent security researchers discovered serious vulnerabilities:

Node's AsyncLocalStorage was used to pass request data between sandboxes, creating a potential data leakage path between users
No CSRF protection built in
No rate limiting on authentication endpoints
No session invalidation mechanism
The README explicitly stated no human had reviewed the code

The Vercel security team independently flagged additional bugs. The claim of "customers running in production" turned out to be one beta site with no traffic.

How It Happened

Faulkner used Claude Opus via OpenCode to rapidly scaffold a Next.js alternative
The AI generated ~94% of the framework code in ~1 week
The code was functionally correct for the demo paths tested
Security properties — request isolation, CSRF tokens, session management — were never part of the AI's task description
The README proudly noted the lack of human review as evidence of AI capability
Cloudflare's marketing team amplified the speed/cost metrics before security review

Why This Matters

This incident is a masterclass in conflating speed with safety. Vinext proved that AI can generate a functioning web framework faster and cheaper than a human team. It also proved that AI-generated infrastructure code can introduce systemic security flaws that human architects would catch in design review.

The most dangerous detail: the README advertised "no human review" as a feature. In infrastructure software, that's not a flex — it's a liability disclosure. Independent coverage from The Register and security analysis from Hacktron noted that vinext's vulnerabilities weren't edge cases; they were predictable consequences of skipping security architecture.

Lessons Learned

AI can generate code faster than humans can audit it — Speed of creation must be matched by speed of review
Functionality ≠ Security — A framework that builds and bundles correctly can still leak user data
"No human review" is a red flag, not a selling point — Infrastructure code requires human security architects
Marketing speed metrics create perverse incentives — "$1,100 and 1 week" sounds great until you factor in incident response costs
Cross-sandbox data leakage is a framework killer — AsyncLocalStorage misuse is an architectural flaw, not a implementation bug

Prevention Checklist

[ ] require human security review for any AI-generated infrastructure framework before public release
[ ] conduct independent penetration testing on AI-generated authentication/session code
[ ] never treat "no human review" as a marketing advantage for infrastructure tools
[ ] include security requirements (CSRF, rate limiting, session invalidation) in the AI's task prompts
[ ] validate "production customers" claims with actual traffic/usage data before public statements
[ ] establish a security review gate that AI-generated code cannot bypass, regardless of demo performance

Original Source: Cloudflare Blog — How we rebuilt Next.js with AI in one week (vendor announcement)

Full details: Hacktron AI — Vibe-Hacking Cloudflare's Vibe-Coded Next.js Replacement (independent research) | The Register — Cloudflare vibe codes 94% of Next.js API 'in one week' | Cybernews — Cloudflare's AI-built Next.js replacement hit by security flaws