Argoproj Argo Workflows — known CVE vulnerabilities
Every CVE whose affected-product data names Argoproj Argo Workflows, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2026-28229 — CVSS 9.8 (critical): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11…
CVE-2026-42297 — CVSS 8.3 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…
CVE-2026-31892 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2…
CVE-2025-62156 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12…
CVE-2025-66626 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below…
CVE-2026-42296 — CVSS 8.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14…
CVE-2026-40886 — CVSS 7.7 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an…
CVE-2026-42294 — CVSS 7.5 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14…
CVE-2024-53862 — CVSS 7.5 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. When using…
CVE-2022-29164 — CVSS 7.1 (high): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an…
CVE-2021-37914 — CVSS 6.5 (medium): In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when…
CVE-2025-62157 — CVSS 6.5 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflows versions…
CVE-2026-42183 — CVSS 6.5 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…
CVE-2024-47827 — CVSS 5.7 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in…
CVE-2026-23960 — CVSS 5.4 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17…
CVE-2026-42295 — CVSS 4.9 (medium): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to…