Package impact
Go / helm.sh/helm/v4
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-35206 | unknown | — | — | 2mo ago | Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment | |||
| CVE-2026-35205 | unknown | — | — | 2mo ago | Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install | |||
| CVE-2026-35204 | unknown | — | — | 2mo ago | Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory |