Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 29 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-33433 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField traefiktraefik 中危 -2026-03-27 13:49:08 Deep Dive
CVE-2026-32695 Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass traefiktraefik 中危 -2026-03-27 13:47:04 Deep Dive
CVE-2026-32595 Traefik: BasicAuth Middleware Timing Attack Allows Username Enumeration traefiktraefik 中危 -2026-03-20 10:08:42 Deep Dive
CVE-2026-32305 Traefik mTLS bypass via fragmented ClientHello SNI extraction failure traefiktraefik 中危 -2026-03-20 10:01:14 Deep Dive
CVE-2026-29777 Traefik has a kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values traefiktraefik--2026-03-11 15:54:17 Deep Dive
CVE-2026-29054 Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) traefiktraefik High 7.5 2026-03-05 16:18:49 Deep Dive
CVE-2026-26999 Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (slowloris doS) traefiktraefik High 7.5 2026-03-05 16:15:36 Deep Dive
CVE-2026-26998 Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service(DOS) traefiktraefik Medium 4.4 2026-03-05 16:15:06 Deep Dive
CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres traefiktraefik High 7.5 2026-02-12 20:01:20 Deep Dive
CVE-2026-22045 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall traefiktraefik Medium 5.9 2026-01-15 22:44:05 Deep Dive
CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider traefiktraefik Medium 5.9 2025-12-09 00:38:39 Deep Dive
CVE-2025-66490 Traefik doesn't Prevent Path Normalization Bypass in Router + Middleware Rules traefiktraefik--2025-12-09 00:35:27 Deep Dive
CVE-2025-54386 Traefik's Client Plugin is Vulnerable to Path Traversal, Arbitrary File Overwrites and Remote Code Execution traefiktraefik 中危 -2025-08-01 23:32:22 Deep Dive
CVE-2025-47952 Traefik allows path traversal using url encoding traefiktraefik--2025-05-30 03:37:13 Deep Dive
CVE-2025-32431 Traefik has a possible vulnerability with the path matchers traefiktraefik 中危 -2025-04-21 15:34:05 Deep Dive
CVE-2024-52003 X-Forwarded-Prefix Header still allows for Open Redirect in traefik traefiktraefik 中危 -2024-11-29 18:15:34 Deep Dive
CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik traefiktraefik Critical 9.8 2024-09-19 22:51:03 Deep Dive
CVE-2024-39321 Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes traefiktraefik High 7.5 2024-07-05 17:32:07 Deep Dive
CVE-2024-28869 Possible denial of service vulnerability with Content-length header in Traefik traefiktraefik High 7.5 2024-04-12 21:08:36 Deep Dive
CVE-2023-47633 Uncontrolled Resource Consumption in Traefik traefiktraefik High 7.5 2023-12-04 20:36:19 Deep Dive