CVE-2026-42295 Overview
CVE-2026-42295 affects Argo Workflows, an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. The workflow executor logs all artifact repository credentials in plaintext during artifact operations. Exposed secrets include S3 access keys, secret keys, Google Cloud Storage (GCS) service account keys, Azure account keys, and Git passwords. Any user with read access to workflow pod logs can extract these credentials and pivot to external storage systems. The flaw is tracked under [CWE-522: Insufficiently Protected Credentials]. Versions 4.0.0 through 4.0.4 are affected, and the issue is patched in version 4.0.5.
Critical Impact
Users with pod log read access can harvest plaintext credentials for S3, GCS, Azure Blob, and Git repositories, enabling lateral movement to artifact backends.
Affected Products
- Argo Workflows version 4.0.0 through 4.0.4
- Kubernetes clusters running vulnerable Argo Workflows controllers
- Workflow executor component handling artifact repository operations
Discovery Timeline
- 2026-05-09 - CVE-2026-42295 published to the National Vulnerability Database (NVD)
- 2026-05-15 - Last updated in NVD database
Technical Details for CVE-2026-42295
Vulnerability Analysis
The Argo Workflows executor is responsible for downloading and uploading artifacts to configured repositories during workflow step execution. In affected releases, the executor writes the full credential payload for each artifact operation to standard output. These log entries are captured by the Kubernetes container runtime and become accessible through standard pod log APIs. Anyone holding the pods/log RBAC permission in the target namespace can retrieve these logs and parse out the cleartext secrets.
The exposure is not limited to a single backend type. The executor handles S3, GCS, Azure Blob Storage, and Git artifact drivers within the same logging path. As a result, a single workflow execution can leak credentials for multiple cloud providers simultaneously. Attackers who gain access to these credentials can read or modify artifacts, escalate into the cloud accounts that own the storage buckets, or push malicious commits to Git repositories referenced by the workflow.
Root Cause
The root cause is improper handling of sensitive data in log statements within the workflow executor. Credential structures resolved from Kubernetes Secrets are passed to a logger that serializes the full object, including secret fields, rather than redacting them. This is a classic insufficiently protected credentials weakness [CWE-522] in which secret material crosses a trust boundary into a lower-privilege log sink.
Attack Vector
Exploitation requires authenticated access to the Kubernetes cluster with permission to read workflow pod logs. The attacker runs kubectl logs against a completed or running workflow pod and extracts credentials from the executor output. No network-level exploitation primitive is required beyond Kubernetes API access. Once credentials are obtained, the attacker uses them directly against the corresponding cloud provider APIs, bypassing Argo Workflows entirely.
No verified public proof-of-concept code is available. Refer to the GitHub Security Advisory GHSA-7vf8-2cr6-54mf for vendor details.
Detection Methods for CVE-2026-42295
Indicators of Compromise
- Workflow pod logs containing strings matching access key patterns such as AKIA, accessKey, secretKey, accountKey, or serviceAccountKey
- Unexpected kubectl logs or Kubernetes API pods/log requests from service accounts or users not normally involved in workflow operations
- Cloud provider audit events showing artifact repository credentials being used from IP addresses outside the cluster egress range
Detection Strategies
- Audit Kubernetes API server logs for get and list actions on pods/log resources in namespaces running Argo Workflows
- Scan archived workflow pod logs for credential patterns using regular expressions for AWS, GCP, and Azure key formats
- Correlate workflow execution timestamps with cloud provider IAM access events for the artifact repository service accounts
Monitoring Recommendations
- Enable Kubernetes audit logging at the Metadata level or higher for the pods/log subresource
- Forward workflow controller and executor logs to a centralized log platform with secret-detection rules
- Alert on cloud provider credential usage originating from unexpected geographic regions or principals
How to Mitigate CVE-2026-42295
Immediate Actions Required
- Upgrade Argo Workflows to version 4.0.5 or later across all clusters
- Rotate every artifact repository credential referenced by workflows running on affected versions, including S3 keys, GCS service account keys, Azure account keys, and Git passwords
- Restrict the pods/log RBAC verb to a minimal set of administrators and service accounts in namespaces hosting workflows
- Purge historical workflow pod logs from log aggregation systems where leaked credentials may persist
Patch Information
The vulnerability is patched in Argo Workflows version 4.0.5. Release notes and binaries are available at the GitHub Release v4.0.5 page. Vendor guidance is documented in the GitHub Security Advisory GHSA-7vf8-2cr6-54mf.
Workarounds
- Apply strict Kubernetes RBAC policies that deny get on pods/log for all non-administrative principals in Argo namespaces
- Use short-lived credentials such as IAM Roles for Service Accounts (IRSA) on AWS or Workload Identity on GCP instead of static keys where supported
- Configure log redaction in the cluster logging pipeline to strip known credential patterns before storage
# Upgrade Argo Workflows to the patched release
kubectl apply -n argo -f https://github.com/argoproj/argo-workflows/releases/download/v4.0.5/install.yaml
# Verify the controller and executor image versions
kubectl get deploy -n argo workflow-controller -o jsonpath='{.spec.template.spec.containers[0].image}'
# Restrict pod log access in the argo namespace
kubectl create role argo-restricted --verb=get,list --resource=pods,workflows -n argo
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
