CVE-2026-54526
Argo Workflows CVE-2026-54526 affects workflows prior to 3.7.15 and 4.0.6 where the allow-list fix for CVE-2026-31892 is incomplete. The flaw stems from ValidateUserOverrides and SanitizeUserWorkflowSpec only inspecting top-level WorkflowSpec fields, leaving WorkflowSpec.ArtifactGC’s underlying W...