Browse all 33 CVE security advisories affecting traefik. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Traefik functions as an open-source edge router and reverse proxy, primarily designed to simplify the deployment of microservices by automatically discovering and configuring backend services. Its architecture focuses on dynamic configuration, allowing it to integrate seamlessly with container orchestration platforms like Docker and Kubernetes. Historically, the software has been susceptible to several critical vulnerability classes, including remote code execution, path traversal, and privilege escalation flaws. These issues often stem from improper input validation or insufficient access controls within its HTTP middleware and entry point configurations. With thirty-three recorded CVEs, recent incidents have highlighted risks related to unauthorized access to the dashboard and potential denial-of-service conditions. While the project maintains an active security response process, the high volume of disclosed flaws underscores the complexity of managing dynamic routing logic in distributed environments, requiring diligent patching and strict configuration hygiene to mitigate exposure.
CVE-2025-411742026-05-01CVE-2026-35512026-05-01CVE-2024-409122026-05-01CVE-2025-664902025-12-10Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with traefik. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.