CVE-2026-42880 – Argo CD

CVSS 9.6 CRITICAL

“Read-only access should never expose your most sensitive secrets.”

This patch addresses a critical vulnerability in Argo CD affecting versions 3.2.0 through 3.2.10 and 3.3.0 through 3.3.8. The issue allows attackers with low-level access to extract plaintext Kubernetes Secrets by exploiting gaps in authorization and data masking within the ServerSideDiff feature. This exposes highly sensitive data directly from the cluster.

CVE-2026-42880 has a CVSS score of 9.6 (Critical). Proof-of-concept exploitation has been confirmed, increasing the risk of real-world abuse. Even users with limited permissions can extend their reach by accessing secrets that should remain protected.

Key Details

Affected Product: Argoproj Argo CD
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-200
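To triage an inventory against the affected ranges given above (3.2.0 through 3.2.10 and 3.3.0 through 3.3.8), the following added example, which is not part of the original advisory or of the Argo CD project, classifies container image references by tag. The function names and the sample image list are constructed for illustration; a verdict of "not-listed" only means the version falls outside the ranges this page states.

```python
import re

# Affected ranges as stated in the advisory text (inclusive bounds).
AFFECTED_RANGES = [((3, 2, 0), (3, 2, 10)), ((3, 3, 0), (3, 3, 8))]

# vX.Y.Z with an optional pre-release suffix such as -rc1.
_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")


def tag_of(image_ref):
    """Return the tag of a container image reference, or None if it has none."""
    ref = image_ref.split("@", 1)[0]   # drop any @sha256:... digest
    last = ref.rsplit("/", 1)[-1]      # a ':' before the last '/' is a registry port
    return last.split(":", 1)[1] if ":" in last else None


def classify(image_ref):
    """Return 'affected', 'not-listed' or 'unknown' for one image reference."""
    tag = tag_of(image_ref)
    m = _VERSION.match(tag) if tag else None
    if m is None:
        return "unknown"               # digest-only, 'latest' or custom tags
    if m.group(4):
        return "unknown"               # pre-releases are not covered by the page
    # Compare as integer tuples: as strings, "3.2.10" would sort before "3.2.4".
    version = tuple(int(part) for part in m.group(1, 2, 3))
    if any(low <= version <= high for low, high in AFFECTED_RANGES):
        return "affected"
    return "not-listed"


def audit(image_refs):
    """Map every image reference to its verdict."""
    return {ref: classify(ref) for ref in image_refs}


# Constructed sample inventory (not taken from any real cluster).
SAMPLE_IMAGES = [
    "quay.io/argoproj/argocd:v3.2.4",
    "quay.io/argoproj/argocd:v3.2.10@sha256:0000",
    "registry.example:5000/argoproj/argocd:v3.3.9",
    "registry.example:5000/argoproj/argocd",
    "quay.io/argoproj/argocd:v3.3.0-rc2",
    "quay.io/argoproj/argocd:latest",
]

if __name__ == "__main__":
    for ref, verdict in audit(SAMPLE_IMAGES).items():
        print(f"{verdict:10}  {ref}")
```

Anything reported as "unknown" needs the running version confirmed by other means before it is ruled out.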