CVE-2026-42296: Argo Workflows Bypass Grants Host Network Access

/HIGH /CVSS 8.1/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severitycwe-863
CVE-2026-42296: Argo Workflows Bypass Grants Host Network Access

The National Vulnerability Database has detailed CVE-2026-42296, a high-severity vulnerability (CVSS 8.1) in Argo Workflows. This flaw allows a user with create Workflow permissions to bypass templateReferencing: Strict mode. The bypass enables several critical privilege escalation avenues, including obtaining host network access, switching service accounts, overriding pod security contexts, adding tolerations to schedule on control-plane nodes, and enabling service account token mounting.

This vulnerability fundamentally undermines Argo Workflows’ Strict mode, which is intended to enforce security boundaries within Kubernetes. While clusters with robust PodSecurity admission or OPA/Gatekeeper policies might independently block some of these actions (e.g., hostNetwork), organizations relying solely on Argo’s Strict mode for enforcement are fully exposed. The attacker’s calculus here is clear: leverage a legitimate-looking workflow creation to gain deep access within the cluster, potentially leading to full cluster compromise.

The National Vulnerability Database confirms the issue has been patched in Argo Workflows versions 3.7.14 and 4.0.5. Organizations running vulnerable versions need to prioritize these updates immediately to close this critical attack path.

What This Means For You

  • If your organization uses Argo Workflows, you must immediately verify your version. If you are running anything prior to 3.7.14 or 4.0.5, you are exposed to an attacker gaining host network access and escalating privileges within your Kubernetes cluster. Patching is non-negotiable. Additionally, review your Kubernetes admission controllers and OPA/Gatekeeper policies; relying solely on application-level controls like Argo's `Strict` mode is clearly insufficient.

Related ATT&CK Techniques

T1578.002 Impair Defenses: Disable or Modify System Firewall Defense Evasion T1078.004 Valid Accounts: Service Account Persistence T1578.001 Impair Defenses: Clear Windows Event Logs Defense Evasion

🛡️ Detection Rules

3 rules · 6 SIEM formats

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1578.002 Defense Evasion

CVE-2026-42296: Argo Workflows Host Network Bypass

Sigma YAML — free preview 
title: CVE-2026-42296: Argo Workflows Host Network Bypass
id: scw-2026-05-09-ai-1
status: experimental
level: high
description: |
  Detects the exploitation of CVE-2026-42296 where an attacker with create Workflow permission in Argo Workflows bypasses templateReferencing: Strict to enable hostNetwork access. This rule specifically looks for the 'argo' binary being used to create a workflow with the 'hostNetwork: true' configuration, indicating an attempt to gain host network access.
author: SCW Feed Engine (AI-generated)
date: 2026-05-09
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-42296/
tags:
  - attack.defense_evasion
  - attack.t1578.002
logsource:
    category: process_creation
detection:
  selection:
      Image|contains:
          - '/usr/local/bin/argo'
      CommandLine|contains:
          - 'create workflow'
      CommandLine|contains:
          - '--template'
      CommandLine|contains:
          - 'hostNetwork: true'
      condition: selection
falsepositives:
  - Legitimate administrative activity

Source: Shimi's Cyber World · License & reuse

✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Indicators of Compromise

IDTypeIndicator
CVE-2026-42296 Privilege Escalation Argo Workflows < 3.7.14
CVE-2026-42296 Privilege Escalation Argo Workflows < 4.0.5
CVE-2026-42296 Auth Bypass templateReferencing: Strict bypass in Argo Workflows
CVE-2026-42296 Misconfiguration Argo Workflows allowing host network access, service account switching, pod security context override, toleration addition, or SA token mounting

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedMay 09, 2026 at 07:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related coverage

Hikvision Switches: Authenticated RCE in Discontinued Products

CVE-2026-3828 — Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32683 — Some EZVIZ products utilize older versions of cloud feature

CVE-2026-32683 — Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-1749 — Some HikCentral Professional Versions. This Vulnerability

CVE-2026-1749 — There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 1 IOC /⚙ 2 Sigma