Vulnerability in Traefik

CVE-2026-32695

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping…

EPSS: 0.000 (4.7th percentile) — read the EPSS interpretation.

Affected products

Traefik — versions < 3.6.11, >= 3.7.0-ea.1, < 3.7.0-ea.2

Weakness classification (CWE)

CWE-74 — Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)

References

https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj (x_refsource_CONFIRM)
https://github.com/traefik/traefik/releases/tag/v3.6.11 (x_refsource_MISC)
https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2 (x_refsource_MISC)