A vulnerability was found in argoproj argo-workflows . It has been classified as critical . Affected is an unknown function of the component Sync ConfigMap Provider . Performing a manipulation results in missing authorization. This vulnerability is reported as CVE-2026-42297 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.