Vendor
Caddy Defender versions before v0.10.1 are vulnerable to a client IP bypass (CVE-2026-46415) when deployed behind a trusted proxy, allowing blocked clients to bypass Defender's IP-based restrictions.