
CVE-2026-43824

HIGH · 7.7 EPSS 0.0%
hype MIXED · 58 hack

Real vuln, patched, early defender action underway; no PoC/KEV yet, low EPSS.

What: The ServerSideDiff feature in Argo CD 3.2.0–3.2.10 and 3.3.0–3.3.8 allows unauthenticated or low-privileged users to read cleartext Kubernetes Secret data (CVSS 7.7 HIGH).

Why it matters: Published today; no KEV listing yet, but metadata shows patched versions exist (3.2.11, 3.3.9). Social chatter includes operational guidance (checking the IncludeMutationWebhook flag, inventorying exposure paths), suggesting early defender awareness. No public PoC is mentioned, but a posted condition-based analysis indicates researchers have a working understanding of the flaw.

Where it's seen: Social posts (Bluesky) mixing incident alerting, triage steps, and vendor patch guidance. Posts appear within 1 hour of NVD publication, indicating coordinated disclosure follow-up. Engagement focuses on upgrade urgency and secret inventory, not proof-of-concept sharing.

RISK: HIGH — Cleartext secret disclosure in widely-used GitOps tool; patched versions available; rapid triage needed.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 5/2/2026, 6:24:37 PM

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

Articles & coverage 13 articles

  • Argo CD CVE-2026-43824: Read-Only App Access and Secret Exposure - Juliet

    # Argo CD CVE-2026-43824: Read-Only App Access Could Expose Kubernetes Secrets. CVE-2026-43824 is a new Argo CD vulnerability in `ServerSideDiff`. The official CVE record describes it plainly: Argo CD `3.2.0` before `3.2.11` and `3.3.0` before `3.3.9` allowed cleartext Kubernetes Secret data to be read through the ServerSideDiff path. > If a user has read-only Argo CD application access, can that

  • CVE-2026-43824 argoproj Argo CD ServerSideDiff improper ...

    A security flaw has been discovered in argoproj Argo CD up to 3.2.10/3.3.8. This vulnerability is known as CVE-2026-43824. It is advisable to upgrade the

  • CVE

    CVE-2026-43824 In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

  • CVE-2026-43824 - CVE Record

    In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data. CWE 1 Total. Learn

  • CVEs and Security Vulnerabilities - OpenCVE

    CVE-2026-43824, 1 Argoproj ; In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

NVD details 1 CWE · 0 vendors · 1 ref

Description

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

Weaknesses

References

Top posts driving the trend