github.com/traefik/traefik/v3 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-54762Mediumgithub.com/traefik/traefik/v3: Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution failsCVE-2026-54761Mediumgithub.com/traefik/traefik/v3: Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist…CVE-2026-48020Highgithub.com/traefik/traefik/v2: Traefik has a StripPrefix Route-Level Auth Bypass via Path NormalizationCVE-2026-44774Mediumgithub.com/traefik/traefik/v3: Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure…CVE-2026-41181Mediumgithub.com/traefik/traefik/v2: Traefik's errors middleware forwards Authorization and Cookie headers to separate error page serviceCVE-2026-41263Mediumgithub.com/traefik/traefik/v3: Traefik: A timing side-channel vulnerability allows for valid username enumeration via BasicAuth…CVE-2026-41174Mediumgithub.com/traefik/traefik/v3: Traefik Kubernetes CRD allows unauthorized cross-namespace middleware bindingCVE-2026-40912Highgithub.com/traefik/traefik/v3: Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath DesyncCVE-2026-39858Highgithub.com/traefik/traefik/v3: Traefik: Pre-authentication decision bypass due to forwarded alias spoofingCVE-2026-35051Highgithub.com/traefik/traefik/v3: Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass…GHSA-46WH-3698-F2CXHighgithub.com/traefik/traefik/v2: Traefik: Deny Rule Bypass via Unauthenticated Malicious gRPC Requests in gRPC-Go Dependency…CVE-2026-33433Mediumgithub.com/traefik/traefik/v2: Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerFieldCVE-2026-32695Mediumgithub.com/traefik/traefik/v3: Traefik has Knative Ingress Rule Injection that Allows Host Restriction BypassCVE-2026-32595Mediumgithub.com/traefik/traefik: Traefik Affected by BasicAuth Middleware Timing Attack Allows Username EnumerationCVE-2026-32305Highgithub.com/traefik/traefik/v3: Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback…GHSA-4HJQ-9H5C-252JHighgithub.com/traefik/traefik/v2: Traefik: HTTP/2 frames can cause a running server to panicCVE-2026-29777Mediumgithub.com/traefik/traefik/v3: Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match valuesCVE-2026-29054Highgithub.com/traefik/traefik/v2: traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed…CVE-2026-26999Highgithub.com/traefik/traefik/v2: Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes…CVE-2026-26998Mediumgithub.com/traefik/traefik/v2: Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOSGHSA-GV8R-9RW9-9697Highgithub.com/traefik/traefik: Traefik affected by TLS ClientAuth Bypass on HTTP/3CVE-2026-25949Highgithub.com/traefik/traefik/v3: Traefik: TCP readTimeout bypass via STARTTLS on PostgresCVE-2026-22045Mediumgithub.com/traefik/traefik/v3: Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stallCVE-2025-66491Mediumgithub.com/traefik/traefik/v3: Traefik Inverted TLS Verification Logic in ingress-nginx ProviderCVE-2025-66490Mediumgithub.com/traefik/traefik: Path Normalization Bypass in Traefik Router + Middleware Rules

Stop the waste.
Protect your environment with Kodem.