traefik

v2.11.46 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 23d Reverse Proxies & Load Balancers

✓ No known CVEs patched

This release patches 1 known CVE

Topics

consul docker etcd go kubernetes letsencrypt

+7 more

load-balancing marathon mesos microservice proxy traefik zookeeper

ReleasePort's take

Moderate signal

editorial:auto 13d

CVE-2026-44774 has been fixed in Traefik v2.11.46.

Why it matters: Patch to v2.11.46 immediately to remediate the CVE‑2026‑44774 vulnerability.

AI summary

CVE‑2026‑44774 security vulnerability fixed.

Type	Severity	Summary	CVE
Security	Medium	CVE-2026-44774 fixed (GHSA-96qj-4jj5-wcjc). CVE-2026-44774 fixed (GHSA-96qj-4jj5-wcjc). Source: llm_adapter@2026-05-21 Confidence: low	—
Bugfix	Medium	Add CrossProviderNamespaces option for k8s/ingress, k8s/crd, k8s/gatewayapi. Add CrossProviderNamespaces option for k8s/ingress, k8s/crd, k8s/gatewayapi. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Fix cross-provider ref check for Kubernetes CRD provider. Fix cross-provider ref check for Kubernetes CRD provider. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

Important: Please read the migration guide.

CVE fixed:

Bug fixes:

[k8s/ingress, k8s/crd, k8s/gatewayapi] Add CrossProviderNamespaces option (#13094 @rtribotte)
[k8s/crd] Fix cross-provider ref check for Kubernetes CRD provider (#13121 @rtribotte)

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track traefik

Get notified when new releases ship.

About traefik

The Cloud Native Application Proxy