907 matches found
EUVD-2026-43544
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
ArgoCD Project API Token Repository Credentials Exposure
Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: zarf-fips, kube-fluentd-operator, harbor, ocm-cli-fips, glab, azure-aad-pod-identity-mic, knative-eventing-fips, k9s-fips, redka, rekor-fips, libnvidia-container, flux-source-watcher-fips, apko, fuse-overlayfs-snapshotter, melange, mattermost,...
GHSA-R56H-J38W-HRQQ vulnerabilities
Vulnerabilities for packages: harvester, longhorn-share-manager, azuredisk-csi, eks-distro, cluster-autoscaler-fips, harvester-fips, kubernetes-csi-driver-hostpath, longhorn-manager, longhorn-share-manager-fips, longhorn-manager-fips, rancher-system-agent, azurefile-csi, azurefile-csi-fips,...
GHSA-5CGQ-3RG8-M6CV vulnerabilities
Vulnerabilities for packages: harbor, commercial-expanso-edge, gitlab-rails-ce, zitadel, argocd-image-updater, traefik, guac, vitess, gitsign, containerd, kubernetes, commercial-grafana, keda-fips, argo-events, nemo, prometheus, gitlab-rails-ce-fips, mattermost, knative-kafka-broker,...
GHSA-F5WC-C3C7-36MC vulnerabilities
Vulnerabilities for packages: packer-fips, zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, grype-db, pulumi-kubernetes-operator, docker-machine-driver-harvester, trivy-fips, argo-events, apko, melange, cloudbeat,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, docker-machine-driver-harvester, trivy-fips, cloudbeat, mattermost, prometheus-mongodb-exporter, flux-image-automation-controller-fips, snyk-cli,...
GHSA-5CGQ-3RG8-M6CV vulnerabilities
Vulnerabilities for packages: argocd-image-updater, k3s, argo-cd, prometheus, terragrunt, guac, telegraf, vitess, mattermost, containerd, argo-events, gitsign, istio...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, k9s, skaffold, kubernetes,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...
GHSA-QPW4-5X99-6VJP vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, gomplate, wolfictl, telegraf, dagger, witness, podman, pulumi-language-java, helm, kots, prometheus, gh, pulumi-language-dotnet, teleport, opentofu, gitlab-kas, zot, nerdctl, kubernetes-dashboard, spire-server,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...
GHSA-F5WC-C3C7-36MC vulnerabilities
Vulnerabilities for packages: snyk-cli, pulumi-language-yaml, terragrunt, gomplate, wolfictl, caddy, telegraf, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, pulumi-language-dotnet, teleport, go-discover, opentofu, gitlab-kas, zot, nerdctl, kubernetes-dashboar...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, crossplane-provider-aws-s3, ksops, crossplane-provider-aws-eks, crossplane-provider-aws-kms, gomplate, src, wolfictl, caddy, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, fulcio, docker-compose,...
GHSA-89GR-R52H-F8RX vulnerabilities
Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, docker-machine-driver-harvester, k9s,...
GO-2026-5099 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction in github.com/argoproj/argo-cd...
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: packer-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, eck-operator-fips, trident-fips, crossplane-provider-azure-signalrservice, spire-server, k8s-agents-operator-fips, temporal-server-fips, ansible-operator-fips, containerd-fips, grype-db,...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: packer-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, eck-operator-fips, trident-fips, crossplane-provider-azure-signalrservice, spire-server, k8s-agents-operator-fips, temporal-server-fips, ansible-operator-fips, containerd-fips, grype-db,...
CLEANSTART-2026-WF25734 Security fixes for CVE-2025-47912, CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-24051, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-29181, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, CVE-2026-34986, CVE-2026-35469, CVE-2026-39821, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39883, CVE-2026-41506, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-42880, CVE-2026-44740, CVE-2026-44973, CVE-2026-45022, CVE-2026-45570, CVE-2026-45571, CVE-2026-45737, CVE-2026-45738, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-389r-gv7p-r3rp, ghsa-3v3m-wc6v-x4x3, ghsa-3wgm-2mw2-vh5m, ghsa-3xc5-wrhm-f963, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-78h2-9frx-2jm8, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-crhj-59gh-8x96, ghsa-f6x5-jh6r-wrfv, ghsa-gm2x-2g9h-ccm8, ghsa-gxhx-2686-5h9g, ghsa-h98r-wv3h-fr38, ghsa-hfvc-g4fc-pqhx, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-jhf3-xxhw-2wpp, ghsa-m3xc-h892-ggx6, ghsa-m7cr-m3pv-hgrp, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-pc3f-x583-g7j2, ghsa-qw64-3x98-g7q2, ghsa-rg3g-4rw9-gqrp applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.3-r0, 3.3.4-r0, 3.3.5-r0, 3.3.5-r1, 3.3.5-r2, 3.3.5-r3
Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...