1544 matches found
CVE-2026-15416 Argo-cd: argo cd unauthenticated remote code execution in repo-server via generatemanifest grpc endpoint
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...
CVE-2026-15416
Affected software/component: Argo CD repo-server (GitOps engine used by Red Hat OpenShift GitOps). The CVE-2026-15416 entry describes an unauthenticated attacker with network access who can achieve remote code execution on the Argo CD repo-server. Under certain conditions, this may allow the atta...
EUVD-2026-43544
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
ArgoCD Project API Token Repository Credentials Exposure
Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: backup-restore-operator, src, k3s, telegraf, beats-fips, dataplaneapi, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, vault-fips, karpenter, loki, prometheus-mongodb-exporter, kubernetes-dashboard, knative-eventing-fips,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: scorecard, percona-server-mongodb-operator, rancher, step-issuer, gitaly, cue, gatus, neuvector-scanner, gostatsd, prometheus, govulncheck, kyverno-policy-reporter-kyverno-plugin, pluto, aws-flb-cloudwatch, x509-certificate-exporter, pulumi-kubernetes-operator, nucle...
GHSA-79CF-XCQC-C78W vulnerabilities
Vulnerabilities for packages: argo-workflows...
CVE-2026-6402 vulnerabilities
Vulnerabilities for packages: argo-workflows...
GHSA-XCHC-CQWG-G76Q vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-P4GQ-3VXJ-F4JQ vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-7VF8-2CR6-54MF vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
CVE-2026-42295 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
CVE-2026-42183 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
CVE-2026-42297 vulnerabilities
Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...
GHSA-P4GQ-3VXJ-F4JQ vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...
CVE-2026-42297 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...
CVE-2026-42183 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...
CVE-2026-42295 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...
GHSA-7VF8-2CR6-54MF vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...
GHSA-XCHC-CQWG-G76Q vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, kubeflow-pipelines-driver-fips, argo-workflows-fips, kubeflow-pipelines-fips, argo-workflows...