CVE-2025-55190

CRITICAL EXPLOITED NUCLEI

Argo CD <3.1.1 - Info Disclosure

Title source: llm

Description

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials (usernames, passwords) through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability does not only affect project-level permissions. Any token with project get permissions is also vulnerable, including global permissions such as: `p, role/user, projects, get, *, allow`. This issue is fixed in versions 2.13.9, 2.14.16, 3.0.14 and 3.1.2.
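As an added defender-side example (not part of this record, nor of the Argo CD project), the script below does two checks a practitioner would want after reading the description: it tests whether a reported Argo CD version string falls inside the affected ranges listed above, and it scans an Argo CD `policy.csv` for grants of `projects get` (including the wildcard example `p, role/user, projects, get, *, allow`), since on an unpatched instance any such grant is enough to read repository credentials. The affected ranges are taken from the description; the sample policy is constructed for the demonstration.

```python
"""Check an Argo CD version against CVE-2025-55190's affected ranges and flag RBAC
grants that would expose repository credentials on an unpatched instance.
Added example; affected ranges come from the advisory text, the policy is constructed."""
import re
from typing import List, Tuple

# Inclusive affected ranges, as stated in the advisory description.
AFFECTED_RANGES = [
    ("2.13.0", "2.13.8"),
    ("2.14.0", "2.14.15"),
    ("3.0.0", "3.0.12"),
    ("3.1.0-rc1", "3.1.1"),
]

_VER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?$")


def _prerelease_key(pre: str) -> tuple:
    """Order pre-release identifiers SemVer-style: numeric tokens before alphabetic ones,
    numerics compared as integers ('rc1' < 'rc2')."""
    tokens = re.findall(r"\d+|[A-Za-z]+", pre)
    return tuple((0, int(t)) if t.isdigit() else (1, t) for t in tokens)


def parse_version(v: str) -> tuple:
    """Return a sortable key for an Argo CD version such as 'v2.14.15' or '3.1.0-rc1'.
    A pre-release sorts before its final release, so the key carries an is_release flag."""
    m = _VER_RE.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch), pre is None,
            _prerelease_key(pre) if pre else ())


def is_affected(version: str) -> bool:
    """True if the version lies inside any affected range from the advisory."""
    key = parse_version(version)
    return any(parse_version(lo) <= key <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def find_project_get_grants(policy_csv: str) -> List[Tuple[str, str]]:
    """Return (subject, project) pairs for every Argo CD policy line that allows
    'get' (or '*') on the 'projects' resource. Lines are 'p, subject, resource,
    action, object, effect'; comments and 'g' (group) lines are skipped."""
    grants = []
    for raw in policy_csv.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) != 6 or fields[0] != "p":
            continue
        _, subject, resource, action, obj, effect = fields
        if resource == "projects" and action in ("get", "*") and effect == "allow":
            grants.append((subject, obj))
    return grants


# Constructed sample policy.csv; the 'role/user' line is the one quoted in the advisory.
POLICY_CSV = """\
# constructed sample, not from any real deployment
p, role:dev-team, applications, *, dev-project/*, allow
p, role:dev-team, projects, get, dev-project, allow
p, role:ci-bot, applications, sync, prod-project/*, allow
p, role/user, projects, get, *, allow
g, alice, role:dev-team
"""


def report(version: str, policy_csv: str) -> str:
    """Human-readable summary combining both checks."""
    lines = [f"Argo CD {version}: {'AFFECTED' if is_affected(version) else 'not in affected ranges'}"]
    for subject, obj in find_project_get_grants(policy_csv):
        lines.append(f"  projects get granted to {subject} on {obj!r}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report("v2.14.15", POLICY_CSV))
```

Run against a real deployment, feed `report()` the version from the Argo CD API or `argocd version` output and the contents of the `argocd-rbac-cm` ConfigMap's `policy.csv` key; every subject the policy scan lists should be reviewed, and the instance upgraded to one of the fixed versions named in the description.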

Nuclei Templates (1)

ArgoCD Project API Token Repository Credentials Exposure
CRITICAL VERIFIED by nukunga [seunghyeonJeon]
Shodan: http.title:"argo cd"

Scores

CVSS v3 9.9
EPSS 0.0538
EPSS Percentile 90.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

VulnCheck KEV 2025-11-18
CWE
CWE-200
Status published
Products (3)
argoproj/argo-cd 0 - 3.0.14 (Go)
argoproj/argo-cd 2.13.0 - 2.13.9 (Go)
argoproj/argo_cd 2.2.0 - 2.13.9
Published Sep 04, 2025
Tracked Since Feb 18, 2026