Lucene search
K

4 matches found

CVE
CVE
added 2026/05/09 3:52 a.m.22 views

CVE-2026-42296

Argo Workflows CVE-2026-42296 describes a bypass for templateReferencing: Strict that lets users with create Workflow access obtain host network access, switch service accounts, override pod security context, add tolerations to schedule on control-plane nodes, or enable SA token mounting. Root ca...

8.1CVSS7.1AI score0.00424EPSS
Exploits2References7Affected Software1
OSV
OSV
added 2026/05/04 8:11 p.m.5 views

GHSA-3775-99MW-8RP4 Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure

The fix for CVE-2026-31892 commit 534f4ff blocks podSpecPatch when templateReferencing: Strict is active, but doesn't restrict other WorkflowSpec fields that flow through the same merge path and get applied to pods. A user can set hostNetwork: true, override serviceAccountName, or change...

8.1CVSS5.8AI score0.00424EPSS
Exploits2References8
CVE
CVE
added 2026/03/11 3:41 p.m.23 views

CVE-2026-31892

CVE-2026-31892 affects Argo Workflows (open-source Kubernetes workflow engine). A user who can submit a Workflow can bypass security settings defined in a referenced WorkflowTemplate by submitting a podSpecPatch in the Workflow, taking precedence during spec merging and applying to the pod with n...

9.9CVSS5.8AI score0.00413EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/11 3:41 p.m.7 views

CVE-2026-31892 WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user who can submit Workflows can completely bypass all security settings defined in a WorkflowTemplate by including a podSpecPatch field in...

8.9CVSS5.8AI score0.00413EPSS
Exploits1References1
Rows per page
Query Builder