Severity by source
AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
CWE-306 and the 'unauthenticated' description drive PR:N (vs vendor PR:L); repo-server is an internal service so AV:A, and RCE plus cross-cluster resource deployment give S:C with C/I/A:H.
Primary rating from Vendor (redhat).
CVSS VectorVendor: redhat
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Lifecycle Timeline
4DescriptionCVE.org
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy malicious Kubernetes resources to managed clusters, potentially resulting in complete cluster compromise.
Articles & Coverage 1
AnalysisAI
Remote code execution in the Argo CD repo-server component (as shipped in Red Hat OpenShift GitOps and the argoproj argo-helm chart) allows an unauthenticated attacker with network access to the repo-server to run arbitrary code and, under certain conditions, poison cached manifests to push malicious Kubernetes resources into managed clusters, enabling full cluster takeover. The root cause is missing authentication (CWE-306) on a critical internal service that the default Helm chart left network-exposed. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attacker must have network reachability to the Argo CD repo-server service, which by design requires no authentication (CWE-306); this is the core enabling condition. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are strong but partially conflicting and must be reconciled. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has landed a low-privilege pod or otherwise gained access to the Kubernetes cluster network reaches the unauthenticated Argo CD repo-server and sends crafted input that triggers code execution within that component. Using that foothold they tamper with cached rendered manifests so that the application controller subsequently deploys attacker-chosen Kubernetes resources (e.g., privileged workloads) across managed clusters, escalating to full cluster compromise. … |
| Remediation | The primary hardening shipped is argo-helm chart 10.0.0 (commit 0f245ab), which flips global.networkPolicy.create from false to true so NetworkPolicy objects are created for all components by default, restricting who can reach the repo-server; upgrade the chart to 10.0.0 or, if you cannot upgrade, immediately set global.networkPolicy.create=true in your values.yaml (or author equivalent NetworkPolicies) to allow ingress to the repo-server only from the Argo CD application-controller and server pods. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Conduct inventory of all Argo CD deployments using vulnerable distributions (Red Hat OpenShift GitOps, argoproj argo-helm chart) and verify which instances are network-accessible; implement immediate network segmentation to restrict access to the repo-server component to trusted sources only, and enable detailed logging of all repo-server API calls. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Kubernetes
View allA critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4
Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass
Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref
String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43648