Kubernetes CI/CD Flaws in Tekton and Argo Require Immediate Patching
Two newly reported Kubernetes CI/CD vulnerabilities affect Tekton Pipelines and Argo Workflows. Both stem from insufficient validation of user-supplied fields in cluster workflow objects. CVE-2026-40923 is a VolumeMount.mountPath path restriction bypass in Tekton Pipelines: the admission webhooks compared the supplied path without normalizing it first, so a value containing traversal segments such as .. could pass the literal check while resolving to a restricted location. The fix is to upgrade to Tekton Pipelines 1.11.1 or later, which adds filepath.Clean normalization before the check. CVE-2026-40886 is a denial of service in Argo Workflows caused by unchecked parsing of the workflows.argoproj.io/pod-gc-strategy annotation on a Workflow, which can leave the workflow controller in a crash loop; it is fully patched in Argo Workflows 3.7.14 and 4.0.5.
Where upgrades cannot be applied immediately, defenders are advised to enforce Kubernetes admission policies using OPA Gatekeeper, Kyverno, or native validating controls: reject Tekton Task and TaskRun objects whose volume mount paths contain traversal patterns, and validate the annotations on incoming Argo Workflow objects before the controller processes them. The guidance also calls for tightening RBAC so that only trusted CI/CD service accounts and authorized personnel can create Tekton resources, and for restricting namespace access to limit blast radius. In Argo environments where the controller is already in a crash loop, the malicious Workflow object has to be deleted manually through the Kubernetes API before the controller can recover.
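The following Go program is an added illustration, not Tekton's code, of the flaw class the advisory describes and of the filepath.Clean fix it names. It also encodes the comparison an admission policy (Kyverno, Gatekeeper or a native validating rule) for Task and TaskRun objects would have to express while a cluster is still unpatched. The reserved prefix list, the function names and the sample mountPath values are assumptions made for the example; the page only says that Tekton restricts certain VolumeMount.mountPath values.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ReservedPrefixes is a placeholder denylist for this example. The advisory says
// only that Tekton restricts certain mountPath values; the real list is not
// reproduced here.
var ReservedPrefixes = []string{"/tekton/"}

// ErrReserved is returned when a mountPath lands under a reserved directory.
var ErrReserved = errors.New("mountPath is under a reserved directory")

// ErrNotAbsolute is returned for relative mountPaths, which have no fixed meaning.
var ErrNotAbsolute = errors.New("mountPath must be absolute")

// underReserved reports whether p is a reserved directory itself or lies beneath
// one. It is a literal string comparison; callers decide whether p is normalized.
func underReserved(p string) bool {
	for _, prefix := range ReservedPrefixes {
		if p == strings.TrimSuffix(prefix, "/") || strings.HasPrefix(p, prefix) {
			return true
		}
	}
	return false
}

// VulnerableCheck illustrates the flaw class: the raw user-supplied path is
// compared as-is. "/workspace/../tekton/bin" passes because the literal string
// does not start with "/tekton/", even though it resolves to /tekton/bin.
func VulnerableCheck(mountPath string) error {
	if underReserved(mountPath) {
		return ErrReserved
	}
	return nil
}

// Normalize collapses "..", "." and repeated separators with filepath.Clean,
// the normalization step the advisory attributes to the Tekton 1.11.1 fix.
func Normalize(mountPath string) string {
	return filepath.Clean(mountPath)
}

// HardenedCheck normalizes before comparing, so every spelling of a reserved
// path is caught. It also rejects relative paths instead of guessing a base.
func HardenedCheck(mountPath string) error {
	if !filepath.IsAbs(mountPath) {
		return ErrNotAbsolute
	}
	if underReserved(Normalize(mountPath)) {
		return ErrReserved
	}
	return nil
}

func verdict(err error) string {
	if err != nil {
		return "rejected"
	}
	return "allowed"
}

func main() {
	// Constructed sample mountPath values, not taken from any real TaskRun.
	samples := []string{
		"/workspace/src",
		"/tekton/bin",
		"/workspace/../tekton/bin",
		"/tektonx/../tekton",
		"//tekton//bin",
		"tekton/bin",
	}
	fmt.Printf("%-28s %-10s %-10s %s\n", "mountPath", "vulnerable", "hardened", "normalized")
	for _, p := range samples {
		fmt.Printf("%-28s %-10s %-10s %s\n", p, verdict(VulnerableCheck(p)), verdict(HardenedCheck(p)), Normalize(p))
	}
}
```

Running the program prints one row per sample; the traversal, the sibling-directory hop ("/tektonx/../tekton") and the doubled-separator spelling are all allowed by the literal check and rejected once the path is cleaned. The same rule, applied to every volumeMount in a Task or TaskRun at admission time, is the interim control the advisory recommends.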

How this story unfolded
Two events, listed from the most recent confirmed update back to the earliest known activity.
Argo Workflows patches released for CVE-2026-40886
Argo Workflows v3.7.14 and v4.0.5 were identified as the patched versions that fully resolve CVE-2026-40886, a denial-of-service issue caused by unchecked annotation parsing.
Tekton Pipelines fix released for CVE-2026-40923
Tekton Pipelines 1.11.1 or later was identified as the definitive fix for CVE-2026-40923, adding filepath.Clean path normalization logic to admission webhooks to prevent VolumeMount path restriction bypass.
Sources
CVE-2026-40886: Denial of Service via Unchecked Annotation Parsing in Argo Workflows. CVEReports, cvereports.com
CVE-2026-40923: Tekton Pipelines VolumeMount Path Restriction Bypass via Missing Path Normalization. CVEReports, cvereports.com


