Lucene search
K

2687 matches found

Cvelist
Cvelist
added 7 hours ago5 views

CVE-2026-15416 Argo-cd: argo cd unauthenticated remote code execution in repo-server via generatemanifest grpc endpoint

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS
Exploits0References6
CVE
CVE
added 7 hours ago13 views

CVE-2026-15416

Affected software/component: Argo CD repo-server (GitOps engine used by Red Hat OpenShift GitOps). The CVE-2026-15416 entry describes an unauthenticated attacker with network access who can achieve remote code execution on the Argo CD repo-server. Under certain conditions, this may allow the atta...

8.9CVSS6.2AI score
Exploits0References6
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-43648

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.2AI score
Exploits0References6
Nuclei
Nuclei
added 9 hours ago72 views

ArgoCD Project API Token Repository Credentials Exposure

Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...

9.9CVSS7.1AI score0.04518EPSS
Exploits1References3
EUVD
EUVD
added 15 hours ago4 views

EUVD-2026-43544

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS6.2AI score
Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-62185

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday24 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-62185

The CVE-2026-62185 affects the Argo CD Helm Chart prior to 10.0.0, which fails to install network policies by default. As a result, any pod on the cluster can access the repo-server and other Argo APIs, enabling unrestricted network access. This can lead to cluster compromise and remote code exec...

8.6CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57887

Name of the Vulnerable Software and Affected Versions Argo CD Helm Chart versions prior to 10.0.0 Description The software fails to install network policies by default, which allows any pod within the cluster to access the repo-server and other Argo APIs. This unrestricted network access can be...

8.6CVSS6.5AI score
Exploits0References4
Chainguard
Chainguard
added 5 days ago7 views

GHSA-XCGV-8MV7-V8C7 vulnerabilities

Vulnerabilities for packages: apko, consul, rekor-fips, gatekeeper-fips, knative-operator-fips, mattermost-fips, buildkite-agent-fips, prometheus-operator, buildkitd-fips, vault-secrets-operator, buildah-fips, frankenphp-8.2, pinact, traefik-fips, docker-cli-fips, kubernetes-dashboard,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.13 views

GHSA-R56H-J38W-HRQQ vulnerabilities

Vulnerabilities for packages: azuredisk-csi, argo-cd-fips, kubernetes-csi-driver-hostpath, harvester, rancher-system-agent, rke2-runtime-fips, eks-distro, harvester-fips, azurefile-csi-fips, longhorn-manager, longhorn-share-manager-fips, cluster-autoscaler-fips, azurefile-csi,...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-57021

Name of the Vulnerable Software and Affected Versions GraphicsMagick affected versions not specified Description Processing a specially crafted Photo CD PCD file can lead to memory corruption, a condition where the software incorrectly writes data to memory locations, potentially causing crashes ...

6.1AI score
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/29 8:43 a.m.6 views

CVE-2026-13606

A flaw was found in GraphicsMagick's Photo CD PCD decoder. A remote attacker could exploit this vulnerability by providing a specially crafted PCD file. This could lead to an out-of-bounds write, corrupting memory and potentially causing a denial of service or other unpredictable system behavior...

8.1CVSS5.7AI score
Exploits0References4
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: keda-fips, mattermost-fips, nemo, harbor, traefik, commercial-grafana, guac, argo-events, apply-cve-bump, istio, knative-kafka-broker-fips, omnictl-multiarch-fips, omnictl-multiarch, prometheus-mongodb-exporter, prometheus, traefik-fips, argo-cd-fips, k3s, argo-cd,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.5 views

GHSA-F5WC-C3C7-36MC vulnerabilities

Vulnerabilities for packages: apko, skaffold, consul, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, kubescape-server, kaf, prometheus-operator, prometheus-podman-exporter-fips, nuclei, step-kms-plugin-fips, buildah-fips, mapotf-fips, go-discover, kubescape,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, kubescape, frankenphp-8.2, traefik-fips, kubernetes-dashboard, argocd-image-updater-fips, zot, trivy-operato...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-5CGQ-3RG8-M6CV vulnerabilities

Vulnerabilities for packages: prometheus, istio, gitsign, mattermost, k3s, containerd, telegraf, argo-events, guac, argocd-image-updater, terragrunt, argo-cd, vitess...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: knative-serving, flux-source-controller, istio, mattermost, nerdctl, gitlab-kas, spire-server, trivy-operator, containerd, kyverno, chisel, telegraf, snyk-cli, gitea, helm, kubescape, prometheus, rancher-agent, kine, kots, zarf, cilium,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher, crossplane-provider-family-azure, zot, loki, fscrypt, tflint,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.9 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-ec2, gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, crossplane-provider-aws-iam, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher,...

6.1AI score
Exploits0
Rows per page
Query Builder