CVE-2026-35051 - Traefik: ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass auth
CVE ID :CVE-2026-35051 Published : April 30, 2026, 9:16 p.m. | 44 minutes ago Description :Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwar
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Former incident responders sentenced to 4 years in prison for committing ransomware attacks
- [CYBER] New Linux 'Copy Fail' Vulnerability Enables Root Access On Major Distros
- [CYBER] Email security help - KnowBe4 vs Abnormal/Sublime?
- [CYBER] 'It quickly becomes an efficient and economically feasible solution': This wild saltwater hack could make data centers cooler, cheaper, and unexpectedly water-positive
- [CYBER] CVE-2026-1577 - IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries
- [CYBER] CVE-2025-36122 - IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic