Package impact
GO / github.com/argoproj/argo-cd/v3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42880 | critical | 9.6 | 9.6 | 22d ago | ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction | |||
| CVE-2026-45738 | high | — | 8.0 | 10d ago | Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation | |||
| CVE-2026-45737 | medium | — | 5.5 | 10d ago | Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotations |