2687 matches found
CVE-2026-15416 Argo-cd: argo cd unauthenticated remote code execution in repo-server via generatemanifest grpc endpoint
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...
CVE-2026-15416
Affected software/component: Argo CD repo-server (GitOps engine used by Red Hat OpenShift GitOps). The CVE-2026-15416 entry describes an unauthenticated attacker with network access who can achieve remote code execution on the Argo CD repo-server. Under certain conditions, this may allow the atta...
EUVD-2026-43648
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...
ArgoCD Project API Token Repository Credentials Exposure
Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...
EUVD-2026-43544
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
CVE-2026-62185
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
CVE-2026-62185
The CVE-2026-62185 affects the Argo CD Helm Chart prior to 10.0.0, which fails to install network policies by default. As a result, any pod on the cluster can access the repo-server and other Argo APIs, enabling unrestricted network access. This can lead to cluster compromise and remote code exec...
PT-2026-57887
Name of the Vulnerable Software and Affected Versions Argo CD Helm Chart versions prior to 10.0.0 Description The software fails to install network policies by default, which allows any pod within the cluster to access the repo-server and other Argo APIs. This unrestricted network access can be...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: apko, consul, rekor-fips, gatekeeper-fips, knative-operator-fips, mattermost-fips, buildkite-agent-fips, prometheus-operator, buildkitd-fips, vault-secrets-operator, buildah-fips, frankenphp-8.2, pinact, traefik-fips, docker-cli-fips, kubernetes-dashboard,...
GHSA-R56H-J38W-HRQQ vulnerabilities
Vulnerabilities for packages: azuredisk-csi, argo-cd-fips, kubernetes-csi-driver-hostpath, harvester, rancher-system-agent, rke2-runtime-fips, eks-distro, harvester-fips, azurefile-csi-fips, longhorn-manager, longhorn-share-manager-fips, cluster-autoscaler-fips, azurefile-csi,...
PT-2026-57021
Name of the Vulnerable Software and Affected Versions GraphicsMagick affected versions not specified Description Processing a specially crafted Photo CD PCD file can lead to memory corruption, a condition where the software incorrectly writes data to memory locations, potentially causing crashes ...
CVE-2026-13606
A flaw was found in GraphicsMagick's Photo CD PCD decoder. A remote attacker could exploit this vulnerability by providing a specially crafted PCD file. This could lead to an out-of-bounds write, corrupting memory and potentially causing a denial of service or other unpredictable system behavior...
GHSA-5CGQ-3RG8-M6CV vulnerabilities
Vulnerabilities for packages: keda-fips, mattermost-fips, nemo, harbor, traefik, commercial-grafana, guac, argo-events, apply-cve-bump, istio, knative-kafka-broker-fips, omnictl-multiarch-fips, omnictl-multiarch, prometheus-mongodb-exporter, prometheus, traefik-fips, argo-cd-fips, k3s, argo-cd,...
GHSA-F5WC-C3C7-36MC vulnerabilities
Vulnerabilities for packages: apko, skaffold, consul, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, kubescape-server, kaf, prometheus-operator, prometheus-podman-exporter-fips, nuclei, step-kms-plugin-fips, buildah-fips, mapotf-fips, go-discover, kubescape,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: skaffold, osv-scanner, gatekeeper-fips, mattermost-fips, cloudbeat-fips, tekton-pipelines, seaweedfs-rocksdb-fips, kubescape-server, kaf, prometheus-operator, kubescape, frankenphp-8.2, traefik-fips, kubernetes-dashboard, argocd-image-updater-fips, zot, trivy-operato...
GHSA-5CGQ-3RG8-M6CV vulnerabilities
Vulnerabilities for packages: prometheus, istio, gitsign, mattermost, k3s, containerd, telegraf, argo-events, guac, argocd-image-updater, terragrunt, argo-cd, vitess...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: knative-serving, flux-source-controller, istio, mattermost, nerdctl, gitlab-kas, spire-server, trivy-operator, containerd, kyverno, chisel, telegraf, snyk-cli, gitea, helm, kubescape, prometheus, rancher-agent, kine, kots, zarf, cilium,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher, crossplane-provider-family-azure, zot, loki, fscrypt, tflint,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, gitlab-kas, kyverno, openbao, chisel, neuvector-sigstore-interface, crossplane-provider-aws-iam, scorecard, gitlab-runner, fulcio, zarf, dagger, cilium, gomplate, k9s, cilium-cli, argo-cd, external-secrets-operator, grype, rancher,...