github.com/argoproj/argo-cd/v3 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-45738Highgithub.com/argoproj/argo-cd/v3: Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalationCVE-2026-45737Mediumgithub.com/argoproj/argo-cd/v3: Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotationsCVE-2026-42880Criticalgithub.com/argoproj/argo-cd/v3: ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret ExtractionCVE-2025-59538Highgithub.com/argoproj/argo-cd/v2: Argo CD Unauthenticated Remote DoS via malformed Azure DevOps git.push webhookCVE-2025-59537Highgithub.com/argoproj/argo-cd: argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payloadCVE-2025-59531Highgithub.com/argoproj/argo-cd: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payloadCVE-2025-55191Mediumgithub.com/argoproj/argo-cd/v2: Repository Credentials Race Condition Crashes Argo CD ServerCVE-2025-55190Criticalgithub.com/argoproj/argo-cd/v2: Argo CD's Project API Token Exposes Repository CredentialsCVE-2025-47933Criticalgithub.com/argoproj/argo-cd: Argo CD allows cross-site scripting on repositories page

Stop the waste.
Protect your environment with Kodem.