---
title: CVE-2025-55182 virtual patch enabled by default
summary: null
url: >-
  https://www.fastly.com/documentation/reference/changes/2025/12/immediate-blocking-for-cve-2025-55182
---

The virtual patch for CVE-2025-55182, released on [December 2, 2025](https://www.fastly.com/documentation/reference/changes/2025/12/added-virtual-patch-for-cve-2025-66478/), which also addresses the vulnerabilities in CVE-2025-66478, is now enabled by default with immediate blocking for [all Next-Gen WAF customers](https://www.fastlystatus.com/incident/378084).

To disable this rule for your environment, follow the instructions in our guide to [working with virtual patches](https://www.fastly.com/documentation/guides/next-gen-waf/virtual-patches-for-cves/).