Traefik | v3.7.1

Traefik v3.7.1 released on 11-05-2026


Traefik v3.7.1 is out now. Kubernetes operators and users affected by a recently fixed CVE should read the migration guide and upgrade promptly.

Read the v3.7.1 migration guide and the CVE advisory on NVD, and check the GitHub release for the full changelog and details.

What’s in this release

  • Required migration step — follow the v3.7.1 migration guide to understand configuration and behaviour changes: https://doc.traefik.io/traefik/v3.7/migrate/v3/#v371
  • Security: CVE-2026-44774 patched (Advisory GHSA-96qj-4jj5-wcjc). Details: https://nvd.nist.gov/vuln/detail/CVE-2026-44774
  • Kubernetes providers: added CrossProviderNamespaces option for k8s/ingress, k8s/crd and k8s/gatewayapi (PR #13094) and fixed cross-provider reference validation in the Kubernetes CRD provider (PR #13121)

Upgrade notes

  • Required migration step is documented in the v3.7.1 migration guide — read it before upgrading: https://doc.traefik.io/traefik/v3.7/migrate/v3/#v371
  • If you need to roll back, fetch the previous version from the project’s GitHub releases page and follow your usual downgrade procedures.

Share notes on your upgrade experience — report issues, questions or observations on the Traefik GitHub tracker or discussions so others can benefit.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes