Version: v1.1.x

CVE-2026-39858

CVE Details

Visit the official vulnerability details page for CVE-2026-39858 to learn more.

Initial Publication

04/30/2026

Last Update

05/01/2026

Third Party Dependency

github.com/traefik/traefik/v3

NIST CVE Summary

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets only canonical header names (e.g., X-Forwarded-Proto) and does not strip or normalize alias variants that use underscores instead of dashes (e.g., X_Forwarded_Proto). These unsanitized alias headers are forwarded intact to the authentication backend. When the backend normalizes underscore and dash header forms equivalently, an attacker can inject spoofed trust context — such as a trusted scheme or host — through the alias headers and bypass authentication on protected routes without valid credentials. This issue has been patched in versions 2.11.43, 3.6.14, and 3.7.0-rc.2.

CVE Severity

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Analyzed

Affected Products & Versions

Version	PaletteAI	PaletteAI VerteX
1.1.0	⚠️ Impacted	⚠️ Impacted

Revision History

No revisions available.

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​