Red Hat Openshift Gitops

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-6388 CRITICAL Act Now

A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates on applications managed by other tenants. This leads to cross-namespace privilege escalation, impacting application integrity through unauthorized application updates.

Privilege Escalation Red Hat Openshift Gitops

NVD

CVSS 3.1

9.1

EPSS

0.0%

CVE-2026-6388

EPSS 0% CVSS 9.1

CRITICAL Act Now

A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates on applications managed by other tenants. This leads to cross-namespace privilege escalation, impacting application integrity through unauthorized application updates.

Privilege Escalation Red Hat Openshift Gitops

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy