Cyber Resilience

CVE-2026-31892

HighPublic PoCUpdated

Published: 11 March 2026

Published
11 March 2026
Modified
30 June 2026
KEV Added
Patch
CVSS Score v4 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0027 18.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-31892 is a high-severity Incorrect Authorization (CWE-863) vulnerability in Argoproj Argo Workflows. Its CVSS base score is 8.9 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 18.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-31892 is a critical authorization bypass vulnerability (CWE-863: Incorrect Authorization) in Argo Workflows, an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. It affects versions from 2.9.0 up to but excluding 4.0.2 and 3.7.11. The issue arises because a user submitting a Workflow can include a podSpecPatch field that completely overrides all security settings defined in a referenced WorkflowTemplate. This occurs even when the controller is configured with templateReferencing: Strict, intended to enforce use of admin-approved templates, as the podSpecPatch takes precedence during spec merging and is applied directly to the pod spec at creation time without any security validation.

A low-privileged user (PR:L) who can submit Workflows can exploit this vulnerability remotely (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N), achieving high confidentiality (C:H) and integrity (I:H) impacts but no availability impact (A:N), for an overall CVSS v3.1 score of 8.1 (S:U). Attackers can thereby inject arbitrary pod specifications, evading cluster security controls enforced via templates.

The vulnerability is addressed in Argo Workflows releases 4.0.2 and 3.7.11. Additional details on the issue and mitigation are available in the upstream security advisory at https://github.com/argoproj/argo-workflows/security/advisories/GHSA-3wf5-g532-rcrr.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user who can submit Workflows can completely bypass all security settings defined in a WorkflowTemplate by including…

more

a podSpecPatch field in their Workflow submission. This works even when the controller is configured with templateReferencing: Strict, which is specifically documented as a mechanism to restrict users to admin-approved templates. The podSpecPatch field on a submitted Workflow takes precedence over the referenced WorkflowTemplate during spec merging and is applied directly to the pod spec at creation time with no security validation. This vulnerability is fixed in 4.0.2 and 3.7.11.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1610 Deploy Container Execution
Adversaries may deploy a container into an environment to facilitate execution or evade defenses.
Why these techniques?

Authorization bypass enables arbitrary podSpec injection (overriding WorkflowTemplate security controls), directly facilitating container deployment (T1610) and privilege escalation via exploitation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-42296Same product: Argoproj Argo Workflows
CVE-2026-28229Same product: Argoproj Argo Workflows
CVE-2025-66626Same product: Argoproj Argo Workflows
CVE-2025-62156Same product: Argoproj Argo Workflows
CVE-2026-40886Same product: Argoproj Argo Workflows
CVE-2025-64421Shared CWE-863
CVE-2026-41404Shared CWE-863
CVE-2026-42880Same vendor: Argoproj
CVE-2024-44305Shared CWE-863
CVE-2026-4639Shared CWE-863

Affected Assets

argoproj
argo workflows
2.9.0 — 3.7.11 · 4.0.0 — 4.0.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely identification, reporting, and correction of the authorization bypass flaw in Argo Workflows, preventing exploitation of podSpecPatch to override WorkflowTemplate security settings.

prevent

Enforces approved authorizations to block unauthorized pod specification overrides via podSpecPatch during Workflow submission and spec merging.

prevent

Validates Workflow submission inputs including podSpecPatch fields to reject those that bypass admin-approved template security configurations without validation.

References