{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T16:09:52.114","vulnerabilities":[{"cve":{"id":"CVE-2026-26999","sourceIdentifier":"security-advisories@github.com","published":"2026-03-05T19:16:05.323","lastModified":"2026-03-06T15:27:05.150","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before the TLS handshake is completed. When a TLS handshake read error occurs, the code attempts a second handshake with different connection parameters, silently ignoring the initial error. A remote unauthenticated client can exploit this by sending an incomplete TLS record and stopping further data transmission, causing the TLS handshake to stall indefinitely and holding connections open. By opening many such stalled connections in parallel, an attacker can exhaust file descriptors and goroutines, degrading availability of all services on the affected entrypoint. This issue has been patched in versions 2.11.38 and 3.6.9."},{"lang":"es","value":"Traefik es un proxy inverso HTTP y balanceador de carga. Antes de las versiones 2.11.38 y 3.6.9, existe una potencial vulnerabilidad en Traefik al gestionar el handshake TLS en routers TCP. Cuando Traefik procesa una conexión TLS en un router TCP, el plazo de lectura utilizado para limitar el sniffing del protocolo se borra antes de que se complete el handshake TLS. Cuando ocurre un error de lectura en el handshake TLS, el código intenta un segundo handshake con diferentes parámetros de conexión, ignorando silenciosamente el error inicial. Un cliente remoto no autenticado puede explotar esto enviando un registro TLS incompleto y deteniendo la transmisión de datos posterior, lo que hace que el handshake TLS se detenga indefinidamente y mantenga las conexiones abiertas. Al abrir muchas de estas conexiones estancadas en paralelo, un atacante puede agotar los descriptores de archivo y las goroutines, degradando la disponibilidad de todos los servicios en el punto de entrada afectado. Este problema ha sido parcheado en las versiones 2.11.38 y 3.6.9."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.38","matchCriteriaId":"2F729E45-F8B4-4A50-A2BE-C52CFFEB888D"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.6.9","matchCriteriaId":"AFEBE8EC-89F8-415A-8BB4-209F070117B7"}]}]}],"references":[{"url":"https://github.com/traefik/traefik/releases/tag/v2.11.38","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/releases/tag/v3.6.9","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/security/advisories/GHSA-xw98-5q62-jx94","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}