Using Cloudflare to bypass Cloudflare (potential vulnerability)

Hi all,
I came across this German article which identifies a potential Cloudflare security vulnerability due to Cloudflare’s cross-user trust in their own certificates. This allows other Cloudflare users who also use Cloudflare’s own certificate to establish legitimate and trusted connections to other users’ servers.

Unfortunately, I’m not good at assessing the risk myself, so how do you guys see the risk of using it with this Homeassistant addon and with Homeassistant in general? Cloudflare itself, according to this article, closed the issue by calling it “informative” and apparently hasn’t done anything since.

If you do not have extra security on your Cloudflare tunnel, like Cloudflare’s login soution, then Cloudflare is just like a HTTPS connection with no authentication, besides the one HA provides.
And relaying on only HAs authentication might be a bit too risky.