HTTP Reverse Proxy Vulnerability in Traefik Affects Multi-Tenant Clusters
CVE-2026-32695

6.3 MEDIUM

Key Information:

Vendor: Traefik

Status
Vendor
CVE Published: 27 March 2026

What is CVE-2026-32695?

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, its Knative provider interpolates user-controlled values into rule expressions without adequate escaping. This flaw can allow attackers to bypass host restrictions in multi-tenant environments, potentially directing unauthorized traffic to sensitive services. Specifically, values in Knative rules[].hosts[] can be used to inject arbitrary hosts, and unsafe rule construction from headers[].exact allows additional rule-syntax injection. The risk is most significant in multi-tenant clusters.
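
An added example, not Traefik's code or its fix: a Go audit for the two fields named above, flagging values that are not plain hostnames or that contain quote characters. The Rule struct is a hypothetical reduced view of a Knative ingress rule, the sample values are constructed, and treating backslash as unsafe is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// hostRe accepts an RFC 1123 hostname, optionally prefixed with a "*." wildcard.
// Backticks, quotes, parentheses and spaces can never match.
var hostRe = regexp.MustCompile(`^(\*\.)?[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$`)

// Rule is a hypothetical, reduced view of one Knative ingress rule:
// only rules[].hosts[] and headers[].exact, the fields the advisory names.
type Rule struct {
	Hosts        []string
	HeaderExacts map[string]string // header name -> headers[].exact value
}

// Audit returns one finding per value that should not be placed inside a
// quoted string of a rule expression without escaping.
func Audit(r Rule) []string {
	var out []string
	for _, h := range r.Hosts {
		if len(h) > 253 || !hostRe.MatchString(h) {
			out = append(out, fmt.Sprintf("host %q is not a plain hostname", h))
		}
	}
	for name, v := range r.HeaderExacts {
		// Backtick and double quote delimit strings in Traefik rule syntax;
		// backslash is rejected as a conservative assumption.
		if strings.ContainsAny(name+v, "`\"\\") {
			out = append(out, fmt.Sprintf("header %q carries quote characters", name))
		}
	}
	return out
}

func main() {
	// Constructed sample input, not taken from a real cluster.
	r := Rule{
		Hosts:        []string{"app.tenant-a.example.com", "bad`host.example.com"},
		HeaderExacts: map[string]string{"X-Env": "pro\"d"},
	}
	for _, f := range Audit(r) {
		fmt.Println(f)
	}
}
```

Run against ingress objects exported from the cluster, any finding marks a resource to review before and after upgrading to a fixed version.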

Affected Version(s)

traefik < 3.6.11

traefik >= 3.7.0-ea.1, < 3.7.0-ea.2

CVSS V4

Score: 6.3
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
