PT-2026-24701 · Unknown · Argo Workflows+1

Thevilledev · Published 2026-03-11 · Updated 2026-05-13 · CVE-2026-31892

CVSS v4.0: 8.9 High

Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions

Argo Workflows versions 2.9.0 through 4.0.1
Argo Workflows version 3.7.11

Description

Argo Workflows is a container-native workflow engine for Kubernetes. A user who can submit Workflows can bypass security settings defined in a WorkflowTemplate by including a podSpecPatch field in their Workflow submission. This bypass occurs even when the controller is configured with templateReferencing: Strict, which is intended to restrict users to admin-approved templates. The podSpecPatch field takes precedence during spec merging and is applied to the pod spec without security validation. Specifically, the merge priority order is Workflow Spec > WorkflowTemplate Spec > WorkflowDefault Spec. The ApplyPodSpecPatch() function only validates the JSON syntax of the patch, without checking for dangerous security settings. This allows attackers to override security settings like running containers as root, enabling privileged mode, mounting the host filesystem, and adding all Linux capabilities. Exploitation can grant a user full root access to the underlying Kubernetes node.

Recommendations

Argo Workflows versions prior to 4.0.2 must be updated. Argo Workflows version 3.7.11 must be installed.
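
The check below is an added example, not code from Argo Workflows or from this advisory: it audits a Workflow object, given as JSON, for the four pod-level overrides the description names, looking inside spec.podSpecPatch and each templates[].podSpecPatch. The function names and the sample manifest are constructed for illustration, and the check assumes the patch itself is JSON; anything else is reported for manual review.

```python
import json

def _walk(node, path):
    """Yield (path, reason) for the four overrides the advisory names."""
    if isinstance(node, dict):
        for key, val in node.items():
            here = f"{path}.{key}"
            if key == "privileged" and val is True:
                yield here, "privileged mode"
            elif key == "runAsUser" and val == 0 and val is not False:
                yield here, "runs as root (UID 0)"
            elif key == "hostPath" and val is not None:
                yield here, "host filesystem mount"
            elif key == "capabilities" and isinstance(val, dict):
                add = val.get("add")
                if isinstance(add, list) and "ALL" in [str(c).upper() for c in add]:
                    yield here + ".add", "adds all Linux capabilities"
            yield from _walk(val, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from _walk(item, f"{path}[{i}]")

def audit_workflow(manifest):
    """Check spec.podSpecPatch and each templates[].podSpecPatch of a Workflow (JSON text)."""
    spec = json.loads(manifest).get("spec") or {}
    patches = [("spec", spec.get("podSpecPatch"))]
    patches += [(f"templates[{t.get('name')}]", t.get("podSpecPatch"))
                for t in spec.get("templates") or []]
    findings = []
    for where, raw in patches:
        if not raw:
            continue
        try:
            patch = json.loads(raw)
        except (TypeError, ValueError):
            # Assumption: patches are JSON; YAML or templated ones are reported, not skipped.
            findings.append((where + ".podSpecPatch", "not plain JSON, review manually"))
            continue
        findings.extend(_walk(patch, where + ".podSpecPatch"))
    return findings

# Constructed sample: references an approved template but carries its own patch.
SAMPLE = json.dumps({"kind": "Workflow", "spec": {
    "workflowTemplateRef": {"name": "approved-template"},
    "podSpecPatch": json.dumps({"containers": [{
        "name": "main", "securityContext": {"privileged": True, "runAsUser": 0}}]})}})

if __name__ == "__main__":
    for where, reason in audit_workflow(SAMPLE):
        print(f"{where}: {reason}")
```

A Workflow that pairs workflowTemplateRef with any finding from this check is overriding the referenced template's pod settings and should be reviewed before it is admitted.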

Exploit

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

BIT-ARGO-WORKFLOWS-2026-31892
CVE-2026-31892
GHSA-3WF5-G532-RCRR
GO-2026-4681
SUSE-SU-2026:1042-1

Affected Products

Argo Workflows
Kubernetes