CVE-2026-41174 - Vulnerability Analysis
Severity: Medium | CVSS: 6.4 | Last Updated: May 1, 2026
Traefik - Broken Access Control
Published: April 30, 2026 | Updated: May 1, 2026 | PoC Available | Remote Exploitable
Overview
Traefik versions before 2.11.43, 3.6.14, and 3.7.0-rc.2 contain a broken access control vulnerability caused by improper enforcement of cross-namespace isolation in the Kubernetes CRD provider. An actor with permission to create or update Traefik CRDs in their own namespace can bypass the isolation boundary between namespaces; exploitation requires no more than those CRD permissions in the actor's own namespace.
Severity & Score
Severity: Medium
CVSS Score: 6.4
Impact
An actor with CRD permissions in one namespace can bypass isolation boundaries, potentially affecting middleware configuration that belongs to other namespaces.
Mitigation
Update to version 2.11.43, 3.6.14, or 3.7.0-rc.2 (or later on the corresponding release branch).
References
- https://github.com/traefik/traefik/commit/df00d82fc7f12e07199551832b54de6d0e55414d
- https://github.com/traefik/traefik/releases/tag/v2.11.43
- https://github.com/traefik/traefik/releases/tag/v3.6.14
- https://github.com/traefik/traefik/releases/tag/v3.7.0-rc.2
- https://github.com/traefik/traefik/security/advisories/GHSA-xhjw-95fp-8vgq
Details
- CVE ID: CVE-2026-41174
- Severity: Medium
- CVSS Score: 6.4
- Type: broken_access_control
- Status: confirmed
CWE
- CWE-653
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N