Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN200
_____________________________________________________________________

DATE                : 20/02/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Traefik (Go) versions
                          prior to 2.11.37, 3.6.8.

=====================================================================
https://github.com/traefik/traefik/security/advisories/GHSA-gv8r-9rw9-9697
_____________________________________________________________________


TLS ClientAuth Bypass on HTTP/3
Critical
nmengin published GHSA-gv8r-9rw9-9697 Feb 20, 2026

Package
Traefik (Go)

Affected versions
<= v2.11.36, <= v3.6.7

Patched versions
v2.11.37, v3.6.8


Description

Summary

There is a potential vulnerability in Traefik managing HTTP/3
connections.

More details in the CVE-2025-68121.


Patches

    https://github.com/traefik/traefik/releases/tag/v2.11.37
    https://github.com/traefik/traefik/releases/tag/v3.6.8


Workarounds

No workaround


For more information

If you have any questions or comments about this advisory,
please open an issue.


Severity
Critical
10.0/ 10

CVSS v3 base metrics
Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

CVE ID
CVE-2025-68121

Weaknesses
No CWEs

Credits

    @rbqvq rbqvq Reporter


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================