Lucene search
+L

43 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-15416

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS0.00281EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago24 views

CVE-2026-15416 Argo-cd: argo cd unauthenticated remote code execution in repo-server via generatemanifest grpc endpoint

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS0.00281EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-43648

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.2AI score0.00281EPSS
Exploits0References6
CVE
CVE
added 4 days ago26 views

CVE-2026-15416

Affected software/component: Argo CD repo-server (GitOps engine used by Red Hat OpenShift GitOps). The CVE-2026-15416 entry describes an unauthenticated attacker with network access who can achieve remote code execution on the Argo CD repo-server. Under certain conditions, this may allow the atta...

8.9CVSS6.2AI score0.00281EPSS
Exploits0References6
OSV
OSV
added 4 days ago4 views

CVE-2026-15416 Argo-cd: argo cd unauthenticated remote code execution in repo-server via generatemanifest grpc endpoint

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.3AI score0.00284EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-15416

A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...

8.9CVSS6.3AI score0.00281EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43544

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS6.2AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-57989

Name of the Vulnerable Software and Affected Versions OpenShift Data Foundation 4 odf-multicluster-rhel9-operator affected versions not specified OpenShift GitOps argocd-image-updater-rhel8 affected versions not specified OpenShift GitOps argocd-rhel8 affected versions not specified OpenShift...

8.9CVSS6.3AI score0.00281EPSS
Exploits0References16
NVD
NVD
added 5 days ago7 views

CVE-2026-62185

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-57887

Name of the Vulnerable Software and Affected Versions Argo CD Helm Chart versions prior to 10.0.0 Description The software fails to install network policies by default, which allows any pod within the cluster to access the repo-server and other Argo APIs. This unrestricted network access can be...

8.6CVSS6.5AI score0.00284EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0949

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.00972EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2501

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01176EPSS
Exploits0References8
OSV
OSV
added 2024/08/21 3:11 p.m.19 views

GO-2022-0453 Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd

Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd...

4.3CVSS5.4AI score0.01074EPSS
Exploits0References8
OSV
OSV
added 2024/08/21 2:30 p.m.29 views

GO-2022-0357 Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd...

7.7CVSS7.3AI score0.0086EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 2:30 p.m.26 views

GO-2022-0358 Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd...

6.8CVSS6.1AI score0.00923EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 2:30 p.m.57 views

GO-2023-2085 Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd

Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd...

5CVSS4.7AI score0.005EPSS
Exploits0References4
OSV
OSV
added 2024/08/21 2:17 p.m.25 views

GO-2023-2050 Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd...

6.5CVSS6.5AI score0.01176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/04/10 12:21 p.m.2 views

argo-cd: uncontrolled memory allocation vulnerability

The ArgoCD repo-server component is vulnerable to a denial of service attack, where it is possible to crash the repo server component through an out-of-memory error by pointing it to a malicious Helm registry. The loadRepoIndex function in the ArgoCD's helm package does not limit the size or time...

6.5CVSS5.8AI score0.00972EPSS
Exploits0References8
OSV
OSV
added 2024/03/29 7:4 p.m.36 views

GHSA-JHWX-MHWW-RGC3 ArgoCD's repo server has Uncontrolled Resource Consumption vulnerability

Impact All versions of ArgoCD starting from v2.4 have a bug where the ArgoCD repo-server component is vulnerable to a Denial-of-Service attack vector. Specifically, it's possible to crash the repo server component through an out of memory error by pointing it to a malicious Helm registry. The...

6.5CVSS6.4AI score0.00972EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/03/29 4:25 p.m.39 views

CVE-2024-29893

The ArgoCD repo-server component is vulnerable to a denial of service attack, where it is possible to crash the repo server component through an out-of-memory error by pointing it to a malicious Helm registry. The loadRepoIndex function in the ArgoCD's helm package does not limit the size or time...

6.5CVSS7.1AI score0.00972EPSS
Exploits0References7
Rows per page
Query Builder