CVE-2026-41181
- EPSS 0.45%
- Veröffentlicht 15.05.2026 16:27:14
- Zuletzt bearbeitet 19.05.2026 12:24:19
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. When the backend returns a response matching the confi...
CVE-2026-41263
- EPSS 0.37%
- Veröffentlicht 30.04.2026 20:39:49
- Zuletzt bearbeitet 01.05.2026 17:37:12
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through respons...
CVE-2026-40912
- EPSS 0.77%
- Veröffentlicht 30.04.2026 20:38:21
- Zuletzt bearbeitet 30.06.2026 03:19:21
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, Ba...
- EPSS 0.48%
- Veröffentlicht 30.04.2026 20:26:26
- Zuletzt bearbeitet 30.06.2026 03:19:07
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwar...
- EPSS 0.27%
- Veröffentlicht 30.04.2026 20:26:06
- Zuletzt bearbeitet 30.06.2026 03:19:01
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is depl...
CVE-2026-41174
- EPSS 0.25%
- Veröffentlicht 30.04.2026 20:20:29
- Zuletzt bearbeitet 01.05.2026 17:39:35
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability in Traefik's Kubernetes CRD provider cross-namespace isolation enforcement. When providers.kubernetesCRD.allowCr...
CVE-2026-33433
- EPSS 0.47%
- Veröffentlicht 27.03.2026 13:49:08
- Zuletzt bearbeitet 30.06.2026 03:18:40
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when `headerField` is configured with a non-canonical HTTP header name (e.g., `x-auth-user` instead of `X-Auth-User`), an authenticated attacker ca...
CVE-2026-32695
- EPSS 0.46%
- Veröffentlicht 27.03.2026 13:47:03
- Zuletzt bearbeitet 30.06.2026 03:18:33
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live clu...
CVE-2026-32595
- EPSS 0.39%
- Veröffentlicht 20.03.2026 10:08:41
- Zuletzt bearbeitet 24.03.2026 15:14:24
Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 comtain BasicAuth middleware that allows username enumeration via a timing attack. When a submitted username exists, the middle...
CVE-2026-32305
- EPSS 0.41%
- Veröffentlicht 20.03.2026 10:01:13
- Zuletzt bearbeitet 30.06.2026 03:18:32
Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS Clie...