Traefik Reverse Proxy Vulnerability Allows Security Policy Bypass

A vulnerability was discovered in Traefik, an open-source reverse proxy and load balancer, allowing attackers to bypass security policies. The flaw was reported on 12 May 2026 by France's national cybersecurity agency (ANSSI) via its CERT. No specific CVE identifier, technical details, or affected versions were disclosed in the notice. The impact involves unauthorized circumvention of security controls, though the exact scope of exploitation remains unspecified. The advisory was published under reference CERTFR-2026-AVI-0561.