
Argo CD Repo-Server Unauthenticated gRPC Flaw Enables Kustomize Command Injection for Kubernetes Takeover
Unpatched Argo CD repo-server vulnerability allows unauthenticated code execution via kustomize abuse, exposing clusters when default Helm network policies are absent. The flaw revives prior Redis poisoning risks and fits a pattern of insufficient internal isolation in the project. Immediate network policy enforcement is required until a fix ships.
Synacktiv disclosed the flaw after 18 months with no patch from Argo CD maintainers. The repo-server component accepts unauthenticated gRPC requests to its GenerateManifest service. An attacker supplies a Git repository under their control that sets kustomize's --helm-command flag to a malicious binary instead of the legitimate helm executable, gaining code execution in the repo-server pod.
Default Argo CD Helm chart deployments leave networkPolicy.create set to false, exposing the service to any compromised pod in the cluster. Once inside, the attacker reads the Redis password from environment variables, connects to the cache, and poisons deployment data. This revives the attack surface of CVE-2024-31989 even after the password was added, since cache entries remain unsigned.
The pattern across CVE-2025-55190, CVE-2026-42880, and this issue shows Argo CD concentrating Git credentials and cluster control without consistent internal authentication or isolation. Procurement and default configurations continue to favor ease of deployment over least-privilege network boundaries.
Defenders must manually enable the provided network policies and verify them via kubectl get networkpolicy. Synacktiv is withholding its argo-cdown tool until administrators can audit their clusters.
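As an added audit example (not code from the Synacktiv report or the Argo CD project), the script below takes the JSON that kubectl get networkpolicy -o json returns and reports whether any ingress NetworkPolicy actually selects the repo-server pod, whether a rule leaves it open to every source, and which peers it admits. The repo-server pod label and the sample policy document are assumptions constructed for the demonstration; adjust the label to match your release.

```python
import json

# Label that upstream Argo CD manifests put on the repo-server pod
# (assumption: adjust if your chart release labels it differently).
REPO_SERVER_LABELS = {"app.kubernetes.io/name": "argocd-repo-server"}


def selector_matches(selector, labels):
    """A podSelector matches when all of its matchLabels are on the pod;
    an empty selector ({}) matches every pod in the namespace."""
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())


def audit_repo_server(policy_list, pod_labels=REPO_SERVER_LABELS):
    """Evaluate a `kubectl get networkpolicy -o json` document.

    Returns a dict: covered (some ingress policy selects the pod),
    allows_all (a rule without a `from` clause admits any source),
    peers (the `from` peers that may reach the pod)."""
    result = {"covered": False, "allows_all": False, "peers": []}
    for pol in policy_list.get("items", []):
        spec = pol.get("spec", {})
        # policyTypes defaults to Ingress, plus Egress when egress rules exist
        types = spec.get("policyTypes") or (["Ingress"] + (["Egress"] if "egress" in spec else []))
        if "Ingress" not in types or not selector_matches(spec.get("podSelector", {}), pod_labels):
            continue
        result["covered"] = True
        for rule in spec.get("ingress", []):
            if not rule.get("from"):
                result["allows_all"] = True  # no `from` means any source is admitted
            result["peers"].extend(rule.get("from", []))
    return result


# Constructed sample: a policy that limits repo-server ingress to the API server
# and the application controller (illustrative, not the chart's own manifest).
SAMPLE_POLICIES = json.loads("""
{"items": [{"metadata": {"name": "argocd-repo-server-network-policy"},
  "spec": {"podSelector": {"matchLabels": {"app.kubernetes.io/name": "argocd-repo-server"}},
           "policyTypes": ["Ingress"],
           "ingress": [{"from": [
             {"podSelector": {"matchLabels": {"app.kubernetes.io/name": "argocd-server"}}},
             {"podSelector": {"matchLabels": {"app.kubernetes.io/name": "argocd-application-controller"}}}]}]}}]}
""")

NO_POLICIES = {"items": []}  # what networkPolicy.create=false leaves behind

if __name__ == "__main__":
    for name, doc in [("sample", SAMPLE_POLICIES), ("default", NO_POLICIES)]:
        r = audit_repo_server(doc)
        print(f"{name}: covered={r['covered']} allows_all={r['allows_all']} peers={len(r['peers'])}")
```

Pipe real output in with kubectl get networkpolicy -n <argocd-namespace> -o json and call audit_repo_server(json.load(sys.stdin)); a result with covered=False is the exposed default the article describes.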
Argo Project Maintainers: networkPolicy.create defaults to true in the Helm chart within 90 days of the July 2026 disclosure
Sources (3)
- [1] Synacktiv Argo CD Technical Report (https://www.synacktiv.com/en/publications/argo-cd-repo-server-vuln)
- [2] Argo CD Helm Chart Defaults Analysis (https://github.com/argoproj/argo-helm)
- [3] The Hacker News Disclosure (https://thehackernews.com/2026/07/unpatched-argo-cd-repo-server-flaw.html)