VDB

GO-2026-4897

GO-2026-4897 PUBLISHED

Traefik: Deny Rule Bypass via Unauthenticated Malicious gRPC Requests in gRPC-Go Dependency (CVE-2026-33186) in github.com/traefik/traefik

Affected Products

VendorProductVersions
github.comtraefik/traefik0
github.comtraefik/traefik/v20
github.comtraefik/traefik/v33.0.0-beta3, 3.7.0-ea.1

Timeline

  • Apr 2, 2026 CVE Published
  • Apr 7, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›