github.com/argoproj/argo-workflows/v4 (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/argoproj/argo-workflows/v4, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2026-28229 — CVSS 9.8 (critical): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11…
CVE-2026-42297 — CVSS 8.3 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…
CVE-2026-42296 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14…
CVE-2026-31892 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2…
CVE-2026-40886 — CVSS 7.7 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an…
CVE-2026-42294 — CVSS 7.5 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14…
CVE-2026-42183 — CVSS 6.5 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…
CVE-2026-42295 — CVSS 4.9 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…