Lucene search
K

907 matches found

EUVD
EUVD
added 4 hours ago3 views

EUVD-2026-43544

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS6.2AI score
Exploits0References3
Nuclei
Nuclei
added yesterday72 views

ArgoCD Project API Token Repository Credentials Exposure

Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...

9.9CVSS7.1AI score0.04518EPSS
Exploits1References3
Chainguard
Chainguard
added 5 days ago6 views

GHSA-XCGV-8MV7-V8C7 vulnerabilities

Vulnerabilities for packages: zarf-fips, kube-fluentd-operator, harbor, ocm-cli-fips, glab, azure-aad-pod-identity-mic, knative-eventing-fips, k9s-fips, redka, rekor-fips, libnvidia-container, flux-source-watcher-fips, apko, fuse-overlayfs-snapshotter, melange, mattermost,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.13 views

GHSA-R56H-J38W-HRQQ vulnerabilities

Vulnerabilities for packages: harvester, longhorn-share-manager, azuredisk-csi, eks-distro, cluster-autoscaler-fips, harvester-fips, kubernetes-csi-driver-hostpath, longhorn-manager, longhorn-share-manager-fips, longhorn-manager-fips, rancher-system-agent, azurefile-csi, azurefile-csi-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: harbor, commercial-expanso-edge, gitlab-rails-ce, zitadel, argocd-image-updater, traefik, guac, vitess, gitsign, containerd, kubernetes, commercial-grafana, keda-fips, argo-events, nemo, prometheus, gitlab-rails-ce-fips, mattermost, knative-kafka-broker,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.5 views

GHSA-F5WC-C3C7-36MC vulnerabilities

Vulnerabilities for packages: packer-fips, zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, grype-db, pulumi-kubernetes-operator, docker-machine-driver-harvester, trivy-fips, argo-events, apko, melange, cloudbeat,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, docker-machine-driver-harvester, trivy-fips, cloudbeat, mattermost, prometheus-mongodb-exporter, flux-image-automation-controller-fips, snyk-cli,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.7 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: argocd-image-updater, k3s, argo-cd, prometheus, terragrunt, guac, telegraf, vitess, mattermost, containerd, argo-events, gitsign, istio...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, k9s, skaffold, kubernetes,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-QPW4-5X99-6VJP vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, gomplate, wolfictl, telegraf, dagger, witness, podman, pulumi-language-java, helm, kots, prometheus, gh, pulumi-language-dotnet, teleport, opentofu, gitlab-kas, zot, nerdctl, kubernetes-dashboard, spire-server,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.6 views

GHSA-JPPX-RXG9-JMRX vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.9 views

GHSA-F5WC-C3C7-36MC vulnerabilities

Vulnerabilities for packages: snyk-cli, pulumi-language-yaml, terragrunt, gomplate, wolfictl, caddy, telegraf, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, pulumi-language-dotnet, teleport, go-discover, opentofu, gitlab-kas, zot, nerdctl, kubernetes-dashboar...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.9 views

GHSA-89GR-R52H-F8RX vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, docker-machine-driver-harvester, k9s,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/25 6:26 p.m.6 views

GO-2026-5099 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd

ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd...

9.6CVSS5.8AI score0.00505EPSS
Exploits2References2
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.9 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: packer-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, eck-operator-fips, trident-fips, crossplane-provider-azure-signalrservice, spire-server, k8s-agents-operator-fips, temporal-server-fips, ansible-operator-fips, containerd-fips, grype-db,...

5.3CVSS6.1AI score0.00237EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.10 views

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: packer-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, eck-operator-fips, trident-fips, crossplane-provider-azure-signalrservice, spire-server, k8s-agents-operator-fips, temporal-server-fips, ansible-operator-fips, containerd-fips, grype-db,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/08 1:10 p.m.19 views

CLEANSTART-2026-WF25734 Security fixes for CVE-2025-47912, CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-24051, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-29181, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, CVE-2026-34986, CVE-2026-35469, CVE-2026-39821, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39883, CVE-2026-41506, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-42880, CVE-2026-44740, CVE-2026-44973, CVE-2026-45022, CVE-2026-45570, CVE-2026-45571, CVE-2026-45737, CVE-2026-45738, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-389r-gv7p-r3rp, ghsa-3v3m-wc6v-x4x3, ghsa-3wgm-2mw2-vh5m, ghsa-3xc5-wrhm-f963, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-78h2-9frx-2jm8, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-crhj-59gh-8x96, ghsa-f6x5-jh6r-wrfv, ghsa-gm2x-2g9h-ccm8, ghsa-gxhx-2686-5h9g, ghsa-h98r-wv3h-fr38, ghsa-hfvc-g4fc-pqhx, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-jhf3-xxhw-2wpp, ghsa-m3xc-h892-ggx6, ghsa-m7cr-m3pv-hgrp, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-pc3f-x583-g7j2, ghsa-qw64-3x98-g7q2, ghsa-rg3g-4rw9-gqrp applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.3-r0, 3.3.4-r0, 3.3.5-r0, 3.3.5-r1, 3.3.5-r2, 3.3.5-r3

Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7.5AI score0.04518EPSS
Exploits8References137
Rows per page
Query Builder