CVE-2026-35204 (GCVE-0-2026-35204)
Vulnerability from cvelistv5 – Published: 2026-04-09 15:03 – Updated: 2026-04-09 17:46 – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| URL | Tags |
|---|---|
| https://github.com/helm/helm/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/helm/helm/commit/36c8539e99bc4… | x_refsource_MISC |
| https://github.com/helm/helm/releases/tag/v4.1.4 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T17:46:08.508995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T17:46:15.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "helm",
"vendor": "helm",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. \"/../\". This vulnerability is fixed in 4.1.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T15:03:28.668Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
},
{
"name": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027"
},
{
"name": "https://github.com/helm/helm/releases/tag/v4.1.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
}
],
"source": {
"advisory": "GHSA-vmx8-mqv2-9gmg",
"discovery": "UNKNOWN"
},
"title": "Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35204",
"datePublished": "2026-04-09T15:03:28.668Z",
"dateReserved": "2026-04-01T18:48:58.937Z",
"dateUpdated": "2026-04-09T17:46:15.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-35204",
"date": "2026-06-17",
"epss": "0.00173",
"percentile": "0.06958"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-35204\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-04-09T16:16:27.550\",\"lastModified\":\"2026-04-17T14:07:05.063\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. \\\"/../\\\". This vulnerability is fixed in 4.1.4.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubC
onfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.1.4\",\"matchCriteriaId\":\"800B9949-E36B-45F3-9EA0-CA9DDA3D8868\"}]}]}],\"references\":[{\"url\":\"https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/helm/helm/releases/tag/v4.1.4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"title\": \"Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-22\", \"lang\": \"en\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\", \"type\": \"CWE\"}]}], \"metrics\": [{\"cvssV4_0\": {\"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"PASSIVE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"HIGH\", \"subIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"baseScore\": 8.4, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H\", \"version\": \"4.0\"}}], \"references\": [{\"name\": \"https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg\", \"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg\"}, {\"name\": \"https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027\"}, {\"name\": \"https://github.com/helm/helm/releases/tag/v4.1.4\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/helm/helm/releases/tag/v4.1.4\"}], \"affected\": [{\"vendor\": \"helm\", \"product\": \"helm\", \"versions\": [{\"version\": \"\u003e= 4.0.0, \u003c 4.1.4\", \"status\": \"affected\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-04-09T15:03:28.668Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Helm is a package manager for Charts for Kubernetes. 
From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. \\\"/../\\\". This vulnerability is fixed in 4.1.4.\"}], \"source\": {\"advisory\": \"GHSA-vmx8-mqv2-9gmg\", \"discovery\": \"UNKNOWN\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-35204\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-09T17:46:08.508995Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-09T17:46:12.319Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2026-35204\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"GitHub_M\", \"dateReserved\": \"2026-04-01T18:48:58.937Z\", \"datePublished\": \"2026-04-09T15:03:28.668Z\", \"dateUpdated\": \"2026-04-09T17:46:15.811Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
bit-helm-2026-35204
Vulnerability from bitnami_vulndb
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators, i.e. "/../". This vulnerability is fixed in 4.1.4.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "helm",
"purl": "pkg:bitnami/helm"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.4"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-35204"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:helm:helm:*:*:*:*:*:go:*:*"
],
"severity": "High"
},
"details": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. \"/../\". This vulnerability is fixed in 4.1.4.",
"id": "BIT-helm-2026-35204",
"modified": "2026-04-13T06:11:47.324Z",
"published": "2026-04-13T05:40:33.104Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027"
},
{
"type": "WEB",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"type": "WEB",
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35204"
}
],
"schema_version": "1.6.2",
"summary": "Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory"
}
cleanstart-2026-wo11084
Vulnerability from cleanstart
Multiple security vulnerabilities affect the kumactl package. These issues are resolved in the package versions named in the summary below (2.10.11-r0 and 2.13.4-r0; the affected range recorded here ends at 2.13.4-r0). See the references for details of each individual vulnerability; note that CVE-2026-35204 is the Helm plugin path-traversal issue described elsewhere on this page, so the fix for kumactl depends on the Helm version it bundles.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kumactl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.13.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kumactl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-WO11084",
"modified": "2026-05-03T06:43:59Z",
"published": "2026-05-18T13:48:46.734088Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WO11084.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35204"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh2q-q3fh-2475"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35204"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35205"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-35204, CVE-2026-35205, ghsa-mh2q-q3fh-2475 applied in versions: 2.10.11-r0, 2.13.4-r0",
"upstream": [
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810",
"CVE-2026-35204",
"CVE-2026-35205",
"ghsa-mh2q-q3fh-2475"
]
}
FKIE_CVE-2026-35204
Vulnerability from fkie_nvd - Published: 2026-04-09 16:16 - Updated: 2026-06-17 10:40

| Source | URL | Tags |
|---|---|---|
| security-advisories@github.com | https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027 | Patch |
| security-advisories@github.com | https://github.com/helm/helm/releases/tag/v4.1.4 | Product, Release Notes |
| security-advisories@github.com | https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg | Mitigation, Vendor Advisory |
{
"affected": [
{
"affectedData": [
{
"product": "helm",
"vendor": "helm",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.1.4"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "800B9949-E36B-45F3-9EA0-CA9DDA3D8868",
"versionEndExcluding": "4.1.4",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. \"/../\". This vulnerability is fixed in 4.1.4."
}
],
"id": "CVE-2026-35204",
"lastModified": "2026-06-17T10:40:12.383",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-35204",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T17:46:08.508995Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-04-09T16:16:27.550",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Release Notes"
],
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-VMX8-MQV2-9GMG
Vulnerability from github – Published: 2026-04-10 15:32 – Updated: 2026-04-24 20:41

Helm is a package manager for Charts for Kubernetes. In Helm versions >=4.0.0 and <=4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location.
Impact
A Helm user who installs or updates a specially crafted plugin can cause Helm to attempt to write the plugin's contents to an arbitrary location on the user's filesystem. Affected users risk having user and system files overwritten, which may further compromise the integrity of the system. Exploitation requires that someone run `helm plugin install` or `helm plugin update` on the crafted plugin (the CNA's CVSS 4.0 vector is AV:L/UI:P), and the write happens with whatever privileges the helm process has. Note the scoring discrepancy on this page: the CNA's CVSS 4.0 vector rates vulnerable-system confidentiality as None (the direct impact is integrity), whereas NVD's CVSS 3.1 rating is C:H/I:H/A:H with changed scope; triage against your own environment rather than the headline number.
Patches
This issue has been patched in Helm v4.1.4
As of v4.1.4, installing or updating a plugin whose `version:` field is not a valid SemVer string — which rules out path-traversal sequences such as `/../` — fails with an error instead of proceeding.
Workarounds
Before installing or updating on an unpatched Helm, validate that the plugin's `plugin.yaml` does not contain a `version:` field with POSIX dot-dot path separators, i.e. "/../". Because this check must happen before Helm processes the metadata, in practice that means obtaining and inspecting `plugin.yaml` manually first, and only installing plugins from sources you trust.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.3"
},
"package": {
"ecosystem": "Go",
"name": "helm.sh/helm/v4"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35204"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-10T15:32:56Z",
"nvd_published_at": "2026-04-09T16:16:27Z",
"severity": "HIGH"
},
"details": "Helm is a package manager for Charts for Kubernetes. In Helm versions \u003e=4.0.0 and \u003c=4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location.\n\n### Impact\n\nA Helm user who installs or updates a plugin that is specially crafted can cause Helm to attempt to write the content of the affected plugin to an arbitrary location on the user\u0027s filesystem. Impacted users risk potentially overwriting user and system files which may further compromise the integrity of a system.\n\n### Patches\n\nThis issue has been patched in Helm v4.1.4\n\nInstalling/updating a plugin with a non-SemVer version (which excludes path traversal patterns) will result in an error.\n\n### Workarounds\n\nValidate that the `plugin.yaml` of the Helm plugin does not include a `version:` field containing POSIX dot-dot path separators ie. \"`/../`\".",
"id": "GHSA-vmx8-mqv2-9gmg",
"modified": "2026-04-24T20:41:57Z",
"published": "2026-04-10T15:32:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35204"
},
{
"type": "WEB",
"url": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027"
},
{
"type": "PACKAGE",
"url": "https://github.com/helm/helm"
},
{
"type": "WEB",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory"
}
RHSA-2026:26441
Vulnerability from csaf_redhat - Published: 2026-06-16 20:29 - Updated: 2026-06-16 20:31

A flaw was found in Helm, a package manager for Kubernetes. An attacker could exploit this vulnerability by providing a specially crafted Helm plugin. When such a plugin is installed or updated, Helm does not validate the `version:` field of the plugin's `plugin.yaml`; path-traversal sequences embedded there cause the plugin's contents to be written outside the Helm plugin directory, to an arbitrary location on the filesystem. This could lead to unauthorized modification of system files or other critical data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Helm CLI 4.1 | helm-cli@amd64 | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@amd64_darwin | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@amd64_windows | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64 | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64_darwin | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64_windows | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@ppc64le | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@s390x | 4.1.4 | Vendor Fix; Workaround |
A flaw was found in Helm, a package manager for Kubernetes. A remote attacker could exploit this vulnerability by providing a malicious plugin that lacks a provenance file. Even when signature verification is enabled, Helm would install this unverified plugin without error, bypassing the provenance/signature check. This could lead to arbitrary code execution within the Kubernetes environment, allowing an attacker to gain unauthorized control. (This is a separate issue from the plugin path traversal above; the provenance-related references listed under CVE-2026-35205 below appear to correspond to it.)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Helm CLI 4.1 | helm-cli@amd64 | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@amd64_darwin | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@amd64_windows | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64 | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64_darwin | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@arm64_windows | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@ppc64le | 4.1.4 | Vendor Fix; Workaround |
| Helm CLI 4.1 | helm-cli@s390x | 4.1.4 | Vendor Fix; Workaround |
A flaw was found in Helm, a package manager for Kubernetes. A remote attacker could exploit this vulnerability by providing a specially crafted Chart to the `helm pull --untar` command. This would cause the Chart's contents to be written to an unintended directory, potentially overwriting existing files or placing malicious files in an accessible location, leading to data integrity and availability issues. (This is a third, distinct issue; only a vendor fix is listed for it, so there is no workaround short of not using `--untar` on untrusted charts.)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Helm CLI 4.1 | helm-cli@amd64 | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@amd64_darwin | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@amd64_windows | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@arm64 | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@arm64_darwin | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@arm64_windows | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@ppc64le | 4.1.4 | Vendor Fix |
| Helm CLI 4.1 | helm-cli@s390x | 4.1.4 | Vendor Fix |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:26441 | self |
| https://access.redhat.com/security/cve/CVE-2026-35204 | external |
| https://access.redhat.com/security/cve/CVE-2026-35205 | external |
| https://access.redhat.com/security/cve/CVE-2026-35206 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://github.com/helm/helm/releases/tag/v4.1.4 | external |
| https://helm.sh/docs/ | external |
| https://mirror.openshift.com/pub/cgw/helm/4.1.4/ | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2026-35204 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456933 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35204 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35204 | external |
| https://github.com/helm/helm/commit/36c8539e99bc4… | external |
| https://github.com/helm/helm/releases/tag/v4.1.4 | external |
| https://github.com/helm/helm/security/advisories/… | external |
| https://access.redhat.com/security/cve/CVE-2026-35205 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456927 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35205 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35205 | external |
| https://github.com/helm/helm/commit/05fa37973dc9e… | external |
| https://github.com/helm/helm/security/advisories/… | external |
| https://helm.sh/docs/topics/provenance/#the-prove… | external |
| https://access.redhat.com/security/cve/CVE-2026-35206 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457151 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35206 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35206 | external |
| https://github.com/helm/helm/commit/4e7994d446718… | external |
| https://github.com/helm/helm/security/advisories/… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "General availability release of Helm CLI v4.1.4.",
"title": "Topic"
},
{
"category": "general",
"text": "Helm is the package manager for Kubernetes, used to define, install, and upgrade applications as reusable charts. This release delivers the Helm v4.1.4 binaries built and distributed by Red Hat.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26441",
"url": "https://access.redhat.com/errata/RHSA-2026:26441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35204",
"url": "https://access.redhat.com/security/cve/CVE-2026-35204"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35205",
"url": "https://access.redhat.com/security/cve/CVE-2026-35205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35206",
"url": "https://access.redhat.com/security/cve/CVE-2026-35206"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/releases/tag/v4.1.4",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"category": "external",
"summary": "https://helm.sh/docs/",
"url": "https://helm.sh/docs/"
},
{
"category": "external",
"summary": "https://mirror.openshift.com/pub/cgw/helm/4.1.4/",
"url": "https://mirror.openshift.com/pub/cgw/helm/4.1.4/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26441.json"
}
],
"title": "Red Hat Security Advisory: Helm CLI v4.1.4 release",
"tracking": {
"current_release_date": "2026-06-16T20:31:06+00:00",
"generator": {
"date": "2026-06-16T20:31:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26441",
"initial_release_date": "2026-06-16T20:29:05+00:00",
"revision_history": [
{
"date": "2026-06-16T20:29:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T20:29:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T20:31:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Helm CLI 4.1",
"product": {
"name": "Helm CLI 4.1",
"product_id": "Helm CLI 4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:helm_cli:4.1::el9"
}
}
}
],
"category": "product_family",
"name": "Helm CLI"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@amd64_windows",
"product": {
"name": "helm-cli@amd64_windows",
"product_id": "helm-cli@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-windows-amd64.zip\u0026checksum=sha256:981377e39848776108d53b073f578554989e37bb1e2edbec1914dc2ec9e276e7\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64_windows"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@arm64_windows",
"product": {
"name": "helm-cli@arm64_windows",
"product_id": "helm-cli@arm64_windows",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-windows-arm64.zip\u0026checksum=sha256:f42baf560541087b59217e1539816a1b18bf7cb707e0226327221054958f019b\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "arm64_windows"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@amd64",
"product": {
"name": "helm-cli@amd64",
"product_id": "helm-cli@amd64",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-linux-amd64.tar.gz\u0026checksum=sha256:6f953797650167509d767d5d7a2cd6dbdded66e433fe633d083fe412f7b0917e\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@arm64",
"product": {
"name": "helm-cli@arm64",
"product_id": "helm-cli@arm64",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-linux-arm64.tar.gz\u0026checksum=sha256:fd3a0f2ae418b50aa7061d08ff27fd40eb90325a9ef9087609711959cc60fab3\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@ppc64le",
"product": {
"name": "helm-cli@ppc64le",
"product_id": "helm-cli@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-linux-ppc64le.tar.gz\u0026checksum=sha256:7ee6552e0a6ba188ad6417be70caf26f725c3c448a0cd5907c23f4e61248929d\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@s390x",
"product": {
"name": "helm-cli@s390x",
"product_id": "helm-cli@s390x",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-linux-s390x.tar.gz\u0026checksum=sha256:5953204ca216fb9d2be355ff82ba1d942c8ee3152a79c8a0e8c465f9f20be114\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@amd64_darwin",
"product": {
"name": "helm-cli@amd64_darwin",
"product_id": "helm-cli@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-darwin-amd64.tar.gz\u0026checksum=sha256:8f2023aa2a658e47a4a8a67d8c9b828fb95f224b666e3bcd68aa02b54c71a1c3\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64_darwin"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-cli@arm64_darwin",
"product": {
"name": "helm-cli@arm64_darwin",
"product_id": "helm-cli@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/helm-cli@4.1.4?filename=helm-darwin-arm64.tar.gz\u0026checksum=sha256:d5e5a6a3629e657cc462a3a9478acede304e9ee21de87854c411681d8d11c18c\u0026download_url=https://developers.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "arm64_darwin"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@amd64 as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@amd64"
},
"product_reference": "helm-cli@amd64",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@amd64_darwin as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@amd64_darwin"
},
"product_reference": "helm-cli@amd64_darwin",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@amd64_windows as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@amd64_windows"
},
"product_reference": "helm-cli@amd64_windows",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@arm64 as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@arm64"
},
"product_reference": "helm-cli@arm64",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@arm64_darwin as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@arm64_darwin"
},
"product_reference": "helm-cli@arm64_darwin",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@arm64_windows as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@arm64_windows"
},
"product_reference": "helm-cli@arm64_windows",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@ppc64le as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@ppc64le"
},
"product_reference": "helm-cli@ppc64le",
"relates_to_product_reference": "Helm CLI 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-cli@s390x as a component of Helm CLI 4.1",
"product_id": "Helm CLI 4.1:helm-cli@s390x"
},
"product_reference": "helm-cli@s390x",
"relates_to_product_reference": "Helm CLI 4.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-35204",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-04-09T16:01:36.464601+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Helm, a package manager for Kubernetes. An attacker could exploit this vulnerability by providing a specially crafted Helm plugin. When such a plugin is installed or updated, Helm incorrectly processes its configuration, allowing the plugin\u0027s contents to be written to an arbitrary location on the filesystem. This could lead to unauthorized modification of system files or other critical data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/helm/helm: helm.sh/helm/v4: Helm: Arbitrary file write via specially crafted plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35204"
},
{
"category": "external",
"summary": "RHBZ#2456933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35204",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35204"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027",
"url": "https://github.com/helm/helm/commit/36c8539e99bc42d7aef9b87d136254662d04f027"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/releases/tag/v4.1.4",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg",
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
}
],
"release_date": "2026-04-09T15:03:28.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T20:29:05+00:00",
"details": "Download the Helm CLI v4.1.4 binaries for your platform from https://mirror.openshift.com/pub/cgw/helm/4.1.4/",
"product_ids": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26441"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/helm/helm: helm.sh/helm/v4: Helm: Arbitrary file write via specially crafted plugin"
},
{
"cve": "CVE-2026-35205",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-04-09T16:01:08.682859+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Helm, a package manager for Kubernetes. A remote attacker could exploit this vulnerability by providing a malicious plugin that lacks a provenance file. Even when signature verification is enabled, Helm would incorrectly install this unverified plugin, bypassing critical security checks. This could lead to arbitrary code execution within the Kubernetes environment, allowing an attacker to gain unauthorized control.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/helm/helm: helm.sh/helm/v4: Helm: Arbitrary code execution due to insufficient plugin provenance verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35205"
},
{
"category": "external",
"summary": "RHBZ#2456927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35205",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35205"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35205",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35205"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f",
"url": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/releases/tag/v4.1.4",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7",
"url": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7"
},
{
"category": "external",
"summary": "https://helm.sh/docs/topics/provenance/#the-provenance-file",
"url": "https://helm.sh/docs/topics/provenance/#the-provenance-file"
}
],
"release_date": "2026-04-09T15:06:41.052000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T20:29:05+00:00",
"details": "Download the Helm CLI v4.1.4 binaries for your platform from https://mirror.openshift.com/pub/cgw/helm/4.1.4/",
"product_ids": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26441"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/helm/helm: helm.sh/helm/v4: Helm: Arbitrary code execution due to insufficient plugin provenance verification"
},
{
"cve": "CVE-2026-35206",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-04-09T22:05:35.573151+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457151"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Helm, a package manager for Kubernetes. A remote attacker could exploit this vulnerability by providing a specially crafted Chart to the `helm pull --untar` command. This would cause the Chart\u0027s contents to be written to an unintended directory, potentially overwriting existing files or placing malicious files in an accessible location, leading to data integrity and availability issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35206"
},
{
"category": "external",
"summary": "RHBZ#2457151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457151"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35206",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35206"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436",
"url": "https://github.com/helm/helm/commit/4e7994d4467182f535b6797c94b5b0e994a91436"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/releases/tag/v4.1.4",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr",
"url": "https://github.com/helm/helm/security/advisories/GHSA-hr2v-4r36-88hr"
}
],
"release_date": "2026-04-09T21:02:13.594000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T20:29:05+00:00",
"details": "Download the Helm CLI v4.1.4 binaries for your platform from https://mirror.openshift.com/pub/cgw/helm/4.1.4/",
"product_ids": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Helm CLI 4.1:helm-cli@amd64",
"Helm CLI 4.1:helm-cli@amd64_darwin",
"Helm CLI 4.1:helm-cli@amd64_windows",
"Helm CLI 4.1:helm-cli@arm64",
"Helm CLI 4.1:helm-cli@arm64_darwin",
"Helm CLI 4.1:helm-cli@arm64_windows",
"Helm CLI 4.1:helm-cli@ppc64le",
"Helm CLI 4.1:helm-cli@s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart"
}
]
}
WID-SEC-W-2026-1048
Vulnerability from csaf_certbund - Published: 2026-04-09 22:00 - Updated: 2026-06-16 22:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| SUSE Linux (SUSE) | cpe:/o:suse:suse_linux:- | — | |
| Open Source helm <4.1.4 (Open Source / helm) | | <4.1.4 | |
| Red Hat Enterprise Linux (Red Hat) | cpe:/o:redhat:enterprise_linux:- | — | |
| SUSE openSUSE (SUSE) | cpe:/o:suse:opensuse:- | — | |
| Microsoft Azure Linux azl3 (Microsoft / Azure Linux) | cpe:/o:microsoft:azure_linux:azl3 | azl3 | |
| Open Source helm <3.20.2 (Open Source / helm) | | <3.20.2 | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| SUSE Linux (SUSE) | cpe:/o:suse:suse_linux:- | — | |
| Open Source helm <4.1.4 (Open Source / helm) | | <4.1.4 | |
| Red Hat Enterprise Linux (Red Hat) | cpe:/o:redhat:enterprise_linux:- | — | |
| SUSE openSUSE (SUSE) | cpe:/o:suse:opensuse:- | — | |
| Microsoft Azure Linux azl3 (Microsoft / Azure Linux) | cpe:/o:microsoft:azure_linux:azl3 | azl3 | |
| Open Source helm <3.20.2 (Open Source / helm) | | <3.20.2 | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| SUSE Linux (SUSE) | cpe:/o:suse:suse_linux:- | — | |
| Open Source helm <4.1.4 (Open Source / helm) | | <4.1.4 | |
| Red Hat Enterprise Linux (Red Hat) | cpe:/o:redhat:enterprise_linux:- | — | |
| SUSE openSUSE (SUSE) | cpe:/o:suse:opensuse:- | — | |
| Microsoft Azure Linux azl3 (Microsoft / Azure Linux) | cpe:/o:microsoft:azure_linux:azl3 | azl3 | |
| Open Source helm <3.20.2 (Open Source / helm) | | <3.20.2 | |
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://github.com/helm/helm/releases/tag/v4.1.4 | external |
| https://github.com/helm/helm/security/advisories/… | external |
| https://github.com/helm/helm/security/advisories/… | external |
| https://github.com/helm/helm/security/advisories/… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://msrc.microsoft.com/update-guide/ | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://lists.suse.com/pipermail/sle-security-upd… | external |
| https://access.redhat.com/errata/RHSA-2026:26441 | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Helm ist ein Open-Source-Paketmanager f\u00fcr Kubernetes, der die Bereitstellung und Verwaltung von Anwendungen vereinfacht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in helm ausnutzen, um Dateien zu manipulieren, um Sicherheitsvorkehrungen zu umgehen, und potenziell um beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1048 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1048.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1048 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1048"
},
{
"category": "external",
"summary": "Helm 4.1.4 Release Notes vom 2026-04-09",
"url": "https://github.com/helm/helm/releases/tag/v4.1.4"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-VMX8-MQV2-9GMG vom 2026-04-09",
"url": "https://github.com/helm/helm/security/advisories/GHSA-vmx8-mqv2-9gmg"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-Q5JF-9VFQ-H4H7 vom 2026-04-09",
"url": "https://github.com/helm/helm/security/advisories/GHSA-Q5JF-9VFQ-H4H7"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-HR2V-4R36-88HR vom 2026-04-09",
"url": "https://github.com/helm/helm/security/advisories/GHSA-HR2V-4R36-88HR"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10532-1 vom 2026-04-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/37XDZV6RMG5EUCBYWHRRFRJ5NP3M52FR/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10538-1 vom 2026-04-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3VDV4VWVWTC6KXD36FKFNZRFVBRHOKIB/"
},
{
"category": "external",
"summary": "Microsoft Security Update Guide vom 2026-04-14",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1483-1 vom 2026-04-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025460.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21434-1 vom 2026-05-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025818.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21461-1 vom 2026-05-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025795.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20655-1 vom 2026-05-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E3IHNXEG2P5U44VJFWYSBUQWBQ4GFJYP/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21635-1 vom 2026-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026057.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21628-1 vom 2026-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026064.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26441 vom 2026-06-16",
"url": "https://access.redhat.com/errata/RHSA-2026:26441"
}
],
"source_lang": "en-US",
"title": "helm: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-16T22:00:00.000+00:00",
"generator": {
"date": "2026-06-17T09:00:33.059+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1048",
"initial_release_date": "2026-04-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-04-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-04-20T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-17T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3",
"product": {
"name": "Microsoft Azure Linux azl3",
"product_id": "T049210",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.1.4",
"product": {
"name": "Open Source helm \u003c4.1.4",
"product_id": "T052649"
}
},
{
"category": "product_version",
"name": "4.1.4",
"product": {
"name": "Open Source helm 4.1.4",
"product_id": "T052649-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:helm:helm:4.1.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.20.2",
"product": {
"name": "Open Source helm \u003c3.20.2",
"product_id": "T052650"
}
},
{
"category": "product_version",
"name": "3.20.2",
"product": {
"name": "Open Source helm 3.20.2",
"product_id": "T052650-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:helm:helm:3.20.2"
}
}
}
],
"category": "product_name",
"name": "helm"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-35204",
"product_status": {
"known_affected": [
"T002207",
"T052649",
"67646",
"T027843",
"T049210",
"T052650"
]
},
"release_date": "2026-04-09T22:00:00.000+00:00",
"title": "CVE-2026-35204"
},
{
"cve": "CVE-2026-35205",
"product_status": {
"known_affected": [
"T002207",
"T052649",
"67646",
"T027843",
"T049210",
"T052650"
]
},
"release_date": "2026-04-09T22:00:00.000+00:00",
"title": "CVE-2026-35205"
},
{
"cve": "CVE-2026-35206",
"product_status": {
"known_affected": [
"T002207",
"T052649",
"67646",
"T027843",
"T049210",
"T052650"
]
},
"release_date": "2026-04-09T22:00:00.000+00:00",
"title": "CVE-2026-35206"
}
]
}