Vulnerability in Argoproj Argo-workflows

CVE-2026-54526

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 3.7.15 and 4.0.6, the allow-list fix for CVE-2026-31892 is incomplete because workflow/util/merge.go ValidateUserOver…

Affected products

Weakness classification (CWE)

References