CVE-2026-26998 — Vulnetix

CVE-2026-26998 PUBLISHED CVSS 4.400000095367432 MEDIUM

De multiples vulnérabilités ont été découvertes dans Traefik. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

EPSS 0.04% · 12.9th percentile

Risk Scores

CVSS v3.1

4.400000095367432

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.04%

12.9th percentile

Affected Products

Vendor	Product	Versions
github.com	traefik/traefik/v2	0, 0, 0
traefik	traefik	0, 0, 3.0.0
github.com	traefik/traefik/v3	0, 0, 0
Traefik	Traefik

Timeline

Mar 4, 2026 CVE Published
Mar 5, 2026 PoC Published
Mar 5, 2026 PoC Published
Mar 5, 2026 PoC Published
Mar 5, 2026 CVE Updated
Mar 6, 2026 EPSS Score
Mar 6, 2026 PoC Published
Mar 7, 2026 EPSS Score
Mar 8, 2026 EPSS Score
Mar 10, 2026 EPSS Score
Mar 11, 2026 EPSS Score
Mar 12, 2026 EPSS Score

References

https://github.com/traefik/traefik/security/advisories/GHSA-fw45-f5q2-2p4x advisory
https://github.com/traefik/traefik/security/advisories/GHSA-xw98-5q62-jx94 advisory
https://github.com/traefik/traefik/security/advisories/GHSA-92mv-8f8w-wq52 advisory
https://github.com/traefik/traefik/releases/tag/v2.11.38 url
https://github.com/traefik/traefik/releases/tag/v3.6.9 url
https://nvd.nist.gov/vuln/detail/CVE-2026-26998 advisory
https://github.com/traefik/traefik package

Open in Interactive Console →