📦 Kargo

by Akuity

🔍 What is Kargo?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2026-24748

HIGH CVSS 7.2 Jan 27, 2026

This CVE describes an authentication bypass vulnerability in Kargo's API endpoints. Unauthenticated attackers can access configuration data (exposing Argo CD cluster details) and trigger resource refr...

CVE-2026-27111

MEDIUM CVSS 5.0 Feb 20, 2026

Kargo versions 1.9.0 to 1.9.2 have an authorization bypass vulnerability where three REST API endpoints omit the 'promote' verb check. This allows users with standard Kubernetes RBAC permissions to tr...