PT-2026-57887 · Argoproj · Argo Helm

Hugo-Syn

+1

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-62185

CVSS v3.1

7.6

High

VectorAV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-62185

Affected Products

Argo Helm