authentication-bypass 4

• CVE-2026-53622: HTTP/3 mTLS bypass in Traefik router TLSOptions selection Jun 11, 2026
• CVE-2026-49284: ExpectedIssuer and InResponseTo binding bypass in SimpleSAMLphp Jun 11, 2026
• CVE-2026-49283: HTTP-Artifact TLS validator confusion in SimpleSAMLphp SAML2 Jun 11, 2026
• CVE-2026-48491: Domain-fronted mTLS bypass in Traefik SNICheck wildcard TLSOptions Jun 11, 2026