Package impact
Go / github.com/argoproj/argo-workflows/v3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42296 | high | 8.1 | 8.1 | 26d ago | Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure | |||
| CVE-2026-28229 | high | — | 8.0 | 3mo ago | Unauthorized access to Argo Workflows Template | |||
| CVE-2026-40886 | high | 7.7 | 7.7 | 1mo ago | Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller | |||
| CVE-2026-42294 | high | 7.5 | 7.5 | 26d ago | Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor |