๐Ÿ” CVE Alert

CVE-2026-62185

HIGH 7.6

Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

CVSS Score
7.6
EPSS Score
0.3%
EPSS Percentile
20th

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution.

CWE CWE-1188
Vendor argoproj
Product argo-helm
Published Jul 13, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for argoproj argo-helm

Be the first to know when new high vulnerabilities affecting argoproj argo-helm are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low

Affected Versions

argoproj / argo-helm
0 < 10.0.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/argoproj/argo-helm/security/advisories/GHSA-47m3-95c7-g2g8 vulncheck.com: https://www.vulncheck.com/advisories/argo-cd-helm-chart-missing-network-policy-rce

Credits

๐Ÿ” hugo-syn paulb-syn