| CVE-2026-39858 | critical | 10.0 | 10.0 | | | | 1mo ago | Traefik: Pre-authentication decision bypass due to forwarded alias spoofing |
| CVE-2026-35051 | critical | 10.0 | 10.0 | | | | 1mo ago | Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication |
| CVE-2026-44774 | critical | 9.9 | 9.9 | | | | 19d ago | Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false |
| CVE-2026-40912 | high | 8.2 | 8.2 | | | | 1mo ago | Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath Desync |
| CVE-2026-41174 | medium | 6.4 | 6.4 | | | | 1mo ago | Traefik Kubernetes CRD allows unauthorized cross-namespace middleware binding |
| CVE-2026-41181 | medium | 5.8 | 5.8 | | | | 19d ago | Traefik's errors middleware forwards Authorization and Cookie headers to separate error page service |
| CVE-2026-41263 | low | 3.7 | 3.7 | | | | 1mo ago | Traefik: A timing side-channel vulnerability allows for valid username enumeration via BasicAuth middleware |
| CVE-2026-33433 | unknown | — | — | | | | 2mo ago | Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik |
| CVE-2026-32695 | unknown | — | — | | | | 2mo ago | Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass in github.com/traefik/traefik |
| CVE-2026-32595 | unknown | — | — | | | | 3mo ago | Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration in github.com/traefik/traefik |
| CVE-2026-32305 | unknown | — | — | | | | 3mo ago | Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik |
| CVE-2026-29777 | unknown | — | — | | | | 3mo ago | Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values in github.com/traefik/traefik |
| CVE-2026-29054 | unknown | — | — | | | | 3mo ago | traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) in github.com/traefik/traefik |
| CVE-2026-26999 | unknown | — | — | | | | 3mo ago | Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS) in github.com/traefik/traefik |
| CVE-2026-26998 | unknown | — | — | | | | 3mo ago | Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS in github.com/traefik/traefik |
| CVE-2026-25949 | unknown | — | — | | | | 4mo ago | Traefik: TCP readTimeout bypass via STARTTLS on Postgres in github.com/traefik/traefik |
| CVE-2026-22045 | unknown | — | — | | | | 5mo ago | Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik |
| CVE-2025-66491 | unknown | — | — | | | | 6mo ago | Traefik Inverted TLS Verification Logic in ingress-nginx Provider in github.com/traefik/traefik |
| CVE-2025-66490 | unknown | — | — | | | | 6mo ago | Path Normalization Bypass in Traefik Router + Middleware Rules in github.com/traefik/traefik |
| CVE-2025-54386 | unknown | — | — | | | | 10mo ago | Traefik Client Plugin's Path Traversal Vulnerability Allows Arbitrary File Overwrite and Remote Code Execution in github.com/traefik/traefik |
| CVE-2025-47952 | unknown | — | — | | | | 1y ago | Traefik allows path traversal using url encoding in github.com/traefik/traefik |
| CVE-2025-32431 | unknown | — | — | | | | 1y ago | Traefik has a possible vulnerability with the path matchers in github.com/traefik/traefik |
| CVE-2024-52003 | unknown | — | — | | | | 2y ago | Traefik's X-Forwarded-Prefix Header still allows for Open Redirect in github.com/traefik/traefik |
| CVE-2024-45410 | unknown | — | — | | | | 2y ago | HTTP client can manipulate custom HTTP headers that are added by Traefik in github.com/traefik/traefik |
| CVE-2024-39321 | unknown | — | — | | | | 2y ago | Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes in github.com/traefik/traefik |
| CVE-2024-28869 | unknown | — | — | | | | 2y ago | Traefik vulnerable to denial of service with Content-length header in github.com/traefik/traefik |
| CVE-2023-47633 | unknown | — | — | | | | 3y ago | Traefik docker container using 100% CPU in github.com/traefik/traefik |
| CVE-2023-47124 | unknown | — | — | | | | 3y ago | Traefik vulnerable to potential DDoS via ACME HTTPChallenge in github.com/traefik/traefik |
| CVE-2023-47106 | unknown | — | — | | | | 3y ago | Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass in github.com/traefik/traefik |