Known Vulnerabilities for products from Helm

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Helm".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-40109 json Not Provided 2026-04-09 2026-04-14
CVE-2026-35206 json Helm is a package manager for Charts for Kubernetes. In Helm versions <=3.20.1 and <=4.1.3, a specially crafted Chart will ca... Not Provided 2026-04-09 2026-04-16
CVE-2026-35205 json Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance (.prov... Not Provided 2026-04-09 2026-04-17
CVE-2026-35204 json Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or ... Not Provided 2026-04-09 2026-04-17
CVE-2026-26056 json Not Provided 2026-02-12 2026-02-12
CVE-2026-26055 json Not Provided 2026-02-12 2026-02-12
CVE-2023-25165 json Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function i... 4.3 - MEDIUM 2023-02-08 2023-02-16
CVE-2022-36055 json Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the... 6.5 - MEDIUM 2022-09-01 2023-07-21
CVE-2022-36049 json Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubern... 7.5 - HIGH 2022-09-07 2022-09-12
CVE-2022-23526 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-12-15 2022-12-20
CVE-2022-23525 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-12-15 2022-12-20
CVE-2022-23524 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-12-15 2023-06-27
CVE-2021-32690 json Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a v... 8.6 - HIGH 2021-06-16 2022-10-25
CVE-2021-21303 json Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Chart... 6.8 - MEDIUM 2021-02-05 2023-03-13
CVE-2020-15187 json In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always u... 4.7 - MEDIUM 2020-09-17 2021-11-18
CVE-2020-15186 json In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author cou... 2.7 - LOW 2020-09-17 2021-11-18
CVE-2020-15185 json In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one alwa... 2.7 - LOW 2020-09-17 2022-08-05
CVE-2020-15184 json In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitiz... 2.7 - LOW 2020-09-17 2021-11-18
CVE-2020-11013 json Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. `lookup` is a Helm temp... 5 - MEDIUM 2020-04-24 2020-07-06
CVE-2020-4053 json In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins ... 6.8 - MEDIUM 2020-06-16 2020-07-06
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Helm

Type Vendor Product Version
ApplicationHelmChartmuseum0.1.0
ApplicationHelmHelm1.0