CVE-2026-43824

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data...

EUVD-2026-26726

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data...

CVE-2026-43824

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data...

CVE-2026-43824

Vulnerability summary (CVE-2026-43824) : In Argo CD, versions 3.2.0 up to (but not including) 3.2.11 and 3.3.0 up to (but not including) 3.3.9 expose cleartext Kubernetes Secret data via ServerSideDiff. This is the underlying issue described by the CVE, with the impact stated as exposure of secre...

Argo CD 安全漏洞

Argo CD is an open-source tool developed by Argo for Kubernetes, designed for declarative GitOps continuous delivery. There were security vulnerabilities in versions of Argo CD between 3.2.0 and 3.2.11, as well as between 3.3.0 and 3.3.9. These vulnerabilities stemmed from ServerSideDiff allowing...

PT-2026-36558

Name of the Vulnerable Software and Affected Versions Argo CD versions 3.2.0 through 3.2.10 Argo CD versions 3.3.0 through 3.3.8 Description The 'ServerSideDiff' endpoint allows the disclosure of cleartext Kubernetes Secret data. This occurs when the IncludeMutationWebhook variable is set to true...