500 matches found

Veracode
added 2026/05/15 7:43 a.m. | 8 views

Information Disclosure

Argo CD is vulnerable to Information Exposure. The vulnerability is due to missing authorization and insufficient data masking in the ServerSideDiff endpoint, which allows an attacker with read-only access to extract plaintext Kubernetes Secret data through the Server-Side Apply dry-run mechanism...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 5 | Affected Software: 2

OSV
added 2026/05/11 5:36 a.m. | 2 views

BIT-ARGO-CD-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | AI score 5.7 | EPSS 0.00013
Exploits: 2 | References: 2

NVD
added 2026/05/07 11:16 p.m. | 9 views

CVE-2026-42880

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | EPSS 0.00013
Exploits: 2 | References: 1

Cvelist
added 2026/05/07 10:20 p.m. | 35 views

CVE-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | EPSS 0.00013
Exploits: 2 | References: 1

ATTACKERKB
added 2026/05/07 10:20 p.m. | 5 views

CVE-2026-42880

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | AI score 5.7 | EPSS 0.00013
Exploits: 2 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/05/07 10:20 p.m. | 6 views

CVE-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...

CVSS 9.6 | AI score 5.7 | EPSS 0.00013
Exploits: 2 | References: 1

CVE
added 2026/05/07 10:20 p.m. | 21 views

CVE-2026-42880

CVE-2026-42880 (Argo CD): A missing authorization/data-masking gap in Argo CD’s ServerSideDiff endpoint allows an attacker with read-only access to extract plaintext Secret data from etcd via the Kubernetes API server’s Server-Side Apply dry-run. Affected versions are 3.2.0–3.2.10 and 3.3.0–3.3....

CVSS 9.6 | AI score 5.7 | EPSS 0.00013
Exploits: 2 | References: 1 | Affected Software: 1

OSV
added 2026/05/07 9:19 a.m. | 2 views

CLSA-2026-1778140717 vim: Fix of 10 CVEs

CVE-2022-0158: fix Vim9 reading before start of line with single $ - CVE-2022-0696: fix crash when switching tabpage in cmdline window - CVE-2022-1674: fix crash when matching buffer with invalid pattern - CVE-2022-1725: fix using NULL regexp program in buffer matching - CVE-2022-1771: fix...

CVSS 7.8 | AI score 5.9 | EPSS 0.00488
Exploits: 10 | References: 1

OSV
added 2026/05/07 8:12 a.m. | 2 views

CLSA-2026-1778133583 vim: Fix of 10 CVEs

CVE-2022-0158: fix Vim9 reading before start of line with single $ - CVE-2022-0696: fix crash when switching tabpage in cmdline window - CVE-2022-1674: fix crash when matching buffer with invalid pattern - CVE-2022-1725: fix using NULL regexp program in buffer matching - CVE-2022-1771: fix...

CVSS 7.8 | AI score 6.7 | EPSS 0.00488
Exploits: 10 | References: 1

Github Security Blog
added 2026/05/07 1:56 a.m. | 7 views

ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Summary: There is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism. Details: Argo CD masks Secret...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 3 | Affected Software: 1

EUVD
added 2026/05/07 1:56 a.m. | 5 views

EUVD-2026-28469

ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 1

OSV
added 2026/05/07 1:56 a.m. | 1 view

GHSA-3V3M-WC6V-X4X3 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Summary: There is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism. Details: Argo CD masks Secret...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 3

CNNVD
added 2026/05/07 12:00 a.m. | 5 views

Argo CD Information Disclosure Vulnerability

Argo CD is an open-source tool developed by Argo for Kubernetes, designed for declarative GitOps continuous delivery. Versions of Argo CD prior to 3.2.11 and 3.3.0–3.3.9 contained a vulnerability related to information leakage. This vulnerability stemmed from a lack of authorization and data...

CVSS 9.6 | AI score 5.8 | EPSS 0.00013
Exploits: 2 | References: 1

OSV
added 2026/05/06 8:12 a.m. | 4 views

CLSA-2026-1777476716 vim: Fix of 8 CVEs

CVE-2021-4019: replace the unbounded STRCPY pair in find_help_tags with vim_snprintf bounded by IOSIZE to prevent heap buffer overflow with long :help arguments starting with "%z@". - CVE-2021-4192: re-fetch regline/reginput via reg_getline after getvvcol in reg_match_visual so the cached line pointer...

CVSS 7.8 | AI score 7.2 | EPSS 0.00575
Exploits: 8 | References: 1

GithubExploit
added 2026/05/06 1:26 a.m. | 49 views

CVE-Intelligence

VulnForge Local-only, single-user CVE alert & patch-priority...

AI score 5.8
Exploits: 0

IBM Security Bulletins
added 2026/05/05 9:40 a.m. | 1 view

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001

Summary: IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-24001 DESCRIPTION: jsdiff is a JavaScript text...

CVSS 7.5 | AI score 7.2 | EPSS 0.00023
Exploits: 0 | Affected Software: 1

AstraLinux
added 2026/05/03 11:59 p.m. | 1 view

Astra Linux - vulnerability in ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2, specifically in the build_diff_map function within libavfilter/vf_fieldmatch.c. This vulnerability could allow a remote malicious user to cause a Denial of Service attack...

CVSS 6.5 | AI score 6.8 | EPSS 0.02331
Exploits: 1 | References: 2

Snyk
added 2026/05/02 3:17 a.m. | 2 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview: Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the ServerSideDiff process. An attacker can access sensitive Kubernetes Secret data in cleartext by leveraging this process with appropriate permissions. Remediati...

CVSS 9.6 | AI score 5.8 | EPSS 0.00014
Exploits: 2 | References: 2

NVD
added 2026/05/02 2:16 a.m. | 2 views

CVE-2026-43824

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data...

CVSS 7.7 | EPSS 0.00014
Exploits: 0 | References: 1

EUVD
added 2026/05/02 1:20 a.m. | 2 views

EUVD-2026-26726

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data...

CVSS 7.7 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 1