Vulnerability DatabaseCVE-2026-32695
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-32695
March 27, 2026
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative "rules[].hosts[]" was exploitable for host restriction bypass (for example "tenant.example.com") || Host("attacker.com"), producing a router that serves attacker-controlled hosts. Knative "headers[].exact" also allows rule-syntax injection and proves unsafe rule construction. In multi-tenant clusters, this can route unauthorized traffic to victim services and lead to cross-tenant traffic exposure. Versions 3.6.11 and 3.7.0-ea.2 patch the issue.
Affected Packages
https://github.com/traefik/traefik.git (GITHUB):
Affected version(s) >=v2.0.0 <v3.6.11
Fix Suggestion:
Update to version v3.6.11
https://github.com/traefik/traefik.git (GITHUB):
Affected version(s) >=v2.0.0 <v3.6.11
Fix Suggestion:
Update to version v3.6.11
github.com/traefik/traefik/v3 (GO):
Affected version(s) >=v3.0.0-beta2.0.20230203142405-044dc6a221a1 <v3.6.11
Fix Suggestion:
Update to version v3.6.11
github.com/traefik/traefik/v3 (GO):
Affected version(s) >=v3.0.0-beta2.0.20230203142405-044dc6a221a1 <v3.6.11
Fix Suggestion:
Update to version v3.6.11
Related ResourcesĀ (6)
https://github.com/traefik/traefik/commit/11d251415a6fd935025df5a9dda898e17e3097b2
https://github.com/traefik/traefik
https://github.com/traefik/traefik/releases/tag/v3.6.11
https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj
https://nvd.nist.gov/vuln/detail/CVE-2026-32695
https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE
Weakness Type (CWE)
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-74
EPSS
Base Score:
0.01