CVE-2026-43824
Argo CD vulnerable via ServerSideDiff: versions 3.2.0–3.2.10 and 3.3.0–3.3.8 expose cleartext Kubernetes Secret data. Root cause is the ServerSideDiff endpoint returning raw Secret data when IncludeMutationWebhook is enabled, effectively leaking sensitive information in responses. Upstream fixes ...