CVE-2026-42297 | argoproj argo-workflows up to 4.0.4 Sync ConfigMap Provider authorization

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in argoproj argo-workflows. It has been classified as critical. Affected is an unknown function of the component Sync ConfigMap Provider. Performing a manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-42297. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-42297 | argoproj argo-workflows up to 4.0.4 Sync ConfigMap Provider authorization

Post correlati

CVE-2025-0479 | CP Plus CP-XR-DE21-S Router DE21_S_india_hx806_1.057.043_0023 cookie httponly flag (CIVN-2025-0005)

CVE-2025-13412 | Campcodes Retro Basketball Shoes Online Store 1.0 /admin/admin_running.php product_name cross site scripting

CVE-2025-11273 | LaChatterie Verger up to 1.2.10 provider.ts redirectToAuthorization URL deserialization

CVE-2025-64233 | BoldThemes Codiqa Plugin up to 1.2.8 on WordPress deserialization