| CVE-2026-42297 |
high |
8.3 |
8.3 |
|
|
|
26d ago |
Argo has Missing Authorization in its Sync ConfigMap Provider |
| CVE-2026-42296 |
high |
8.1 |
8.1 |
|
|
|
26d ago |
Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure |
| CVE-2026-28229 |
high |
— |
8.0 |
|
|
|
3mo ago |
Unauthorized access to Argo Workflows Template |
| CVE-2026-40886 |
high |
7.7 |
7.7 |
|
|
|
1mo ago |
Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller |
| CVE-2026-42294 |
high |
7.5 |
7.5 |
|
|
|
26d ago |
Argo Vulnerable to Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor |
| CVE-2026-42183 |
medium |
6.5 |
6.5 |
|
|
|
26d ago |
Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go) |
| CVE-2026-42295 |
medium |
4.9 |
4.9 |
|
|
|
26d ago |
Argo vulnerable to exposure of artifact repository credentials |
