Description
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. "/../". This vulnerability is fixed in 4.1.4.
Published: 2026-04-09
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Write
Action: Patch Immediately
AI Analysis

Impact

Helm contains a path traversal flaw in plugin metadata that allows an attacker to write arbitrary files outside the intended Helm plugin directory. This is a CWE‑22 weakness that can be leveraged to overwrite configuration files or executable binaries, potentially leading to privilege escalation or execution of malicious code. The effect is that the attacker can place or modify any file on the host file system where Helm runs, compromising system integrity.

Affected Systems

The vulnerability applies to Helm, the Kubernetes package manager, from version 4.0.0 up through 4.1.3. Users who installed or updated plugins during this period were exposed. The flaw was addressed in Helm release 4.1.4.

Risk and Exploitability

The CVSS score of 8.4 indicates high severity. Although EPSS data is not available and the vulnerability is not listed in the KEV catalog, exploitation is straightforward for anyone who can supply a malicious plugin during installation or update. The likely attack vector is remote, via a Helm client that trusts the plugin source or via a compromised plugin repository, allowing an attacker to deploy the faulting plugin and trigger the arbitrary file write.

Generated by OpenCVE AI on April 9, 2026 at 16:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Helm to version 4.1.4 or later.
  • Avoid installing plugins from untrusted or unknown sources.
  • Before installing a plugin, verify that its plugin.yaml ‘version’ field does not contain a ‘/../’ path separator.

Generated by OpenCVE AI on April 9, 2026 at 16:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-vmx8-mqv2-9gmg Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory
History

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Helm
Helm helm
Vendors & Products Helm
Helm helm

Thu, 09 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 09 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Description Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. "/../". This vulnerability is fixed in 4.1.4.
Title Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory
Weaknesses CWE-22
References
Metrics cvssV4_0

{'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H'}

Subscriptions

Helm Helm
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-09T17:46:15.811Z

Reserved: 2026-04-01T18:48:58.937Z

Link: CVE-2026-35204

cve-icon Vulnrichment

Updated: 2026-04-09T17:46:12.319Z

cve-icon NVD

Status : Received

Published: 2026-04-09T16:16:27.550

Modified: 2026-04-09T16:16:27.550

Link: CVE-2026-35204

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:32:29Z

Weaknesses