CVE-2026-41174

Exploit

EPSS 0.01%
Veröffentlicht 30.04.2026 20:20:29
Zuletzt bearbeitet 01.05.2026 17:39:35
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Traefik Kubernetes CRD allows unauthorized cross-namespace middleware binding

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability in Traefik's Kubernetes CRD provider cross-namespace isolation enforcement. When providers.kubernetesCRD.allowCrossNamespace=false, Traefik correctly rejects direct cross-namespace middleware references from IngressRoute objects, but fails to apply the same restriction to middleware references nested inside a Chain middleware's spec.chain.middlewares[]. An actor with permission to create or update Traefik CRDs in their own namespace can exploit this to cause Traefik to resolve and apply middleware objects from another namespace, bypassing the documented isolation boundary. This issue has been patched in versions 2.11.43, 3.6.14, and 3.7.0-rc.2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 8

NVD 6 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Traefik ≫ Traefik Version < 2.11.43

Traefik ≫ Traefik Version >= 3.0.0 < 3.6.14

Traefik ≫ Traefik Version3.7.0 Updateea1

Traefik ≫ Traefik Version3.7.0 Updateea2

Traefik ≫ Traefik Version3.7.0 Updateea3

Traefik ≫ Traefik Version3.7.0 Updaterc1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.016

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	3.1	2.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
security-advisories@github.com	4.8	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-653 Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://github.com/traefik/traefik/releases/tag/v2.11.43

Product

Release Notes

https://github.com/traefik/traefik/releases/tag/v3.6.14

Product

Release Notes

https://github.com/traefik/traefik/releases/tag/v3.7.0-rc.2

Product

Release Notes

https://github.com/traefik/traefik/security/advisories/GHSA-xhjw-95fp-8vgq

Patch

Vendor Advisory