Traefik v3.7.1 released on 11-05-2026
Traefik v3.7.1 is out now. Kubernetes operators and users affected by a recently fixed CVE should read the migration guide and upgrade promptly.
Read the v3.7.1 migration guide and the CVE advisory on NVD, and check the GitHub release for the full changelog and details.
What’s in this release
- Required migration step — follow the v3.7.1 migration guide to understand configuration and behaviour changes: https://doc.traefik.io/traefik/v3.7/migrate/v3/#v371
- Security: CVE-2026-44774 patched (Advisory GHSA-96qj-4jj5-wcjc). Details: https://nvd.nist.gov/vuln/detail/CVE-2026-44774
- Kubernetes providers: added CrossProviderNamespaces option for k8s/ingress, k8s/crd and k8s/gatewayapi (PR #13094) and fixed cross-provider reference validation in the Kubernetes CRD provider (PR #13121)
Upgrade notes
- Required migration step is documented in the v3.7.1 migration guide — read it before upgrading: https://doc.traefik.io/traefik/v3.7/migrate/v3/#v371
- If you need to roll back, fetch the previous version from the project’s GitHub releases page and follow your usual downgrade procedures.
Share notes on your upgrade experience — report issues, questions or observations on the Traefik GitHub tracker or discussions so others can benefit.
