{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35205", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-01T18:48:58.937Z", "datePublished": "2026-04-09T15:06:41.052Z", "dateUpdated": "2026-04-09T16:05:00.744Z"}, "containers": {"cna": {"title": "Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install", "problemTypes": [{"descriptions": [{"cweId": "CWE-636", "lang": "en", "description": "CWE-636: Not Failing Securely ('Failing Open')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7"}, {"name": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f", "tags": ["x_refsource_MISC"], "url": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f"}, {"name": "https://github.com/helm/helm/releases/tag/v4.1.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/helm/helm/releases/tag/v4.1.4"}, {"name": "https://helm.sh/docs/topics/provenance/#the-provenance-file", "tags": ["x_refsource_MISC"], "url": "https://helm.sh/docs/topics/provenance/#the-provenance-file"}], "affected": [{"vendor": "helm", "product": "helm", "versions": [{"version": ">= 4.0.0, < 4.1.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T15:06:41.052Z"}, "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance (.prov file) when signature verification is required. This vulnerability is fixed in 4.1.4."}], "source": {"advisory": "GHSA-q5jf-9vfq-h4h7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T16:04:47.054575Z", "id": "CVE-2026-35205", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T16:05:00.744Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35205", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-09T16:04:47.054575Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T16:04:50.634Z"}}], "cna": {"title": "Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install", "source": {"advisory": "GHSA-q5jf-9vfq-h4h7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "helm", "product": "helm", "versions": [{"status": "affected", "version": ">= 4.0.0, < 4.1.4"}]}], "references": [{"url": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7", "name": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f", "name": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/helm/helm/releases/tag/v4.1.4", "name": "https://github.com/helm/helm/releases/tag/v4.1.4", "tags": ["x_refsource_MISC"]}, {"url": "https://helm.sh/docs/topics/provenance/#the-provenance-file", "name": "https://helm.sh/docs/topics/provenance/#the-provenance-file", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance (.prov file) when signature verification is required. This vulnerability is fixed in 4.1.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-636", "description": "CWE-636: Not Failing Securely ('Failing Open')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T15:06:41.052Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35205", "state": "PUBLISHED", "dateUpdated": "2026-04-09T16:05:00.744Z", "dateReserved": "2026-04-01T18:48:58.937Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-09T15:06:41.052Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*", "matchCriteriaId": "800B9949-E36B-45F3-9EA0-CA9DDA3D8868", "versionEndExcluding": "4.1.4", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance (.prov file) when signature verification is required. This vulnerability is fixed in 4.1.4."}], "id": "CVE-2026-35205", "lastModified": "2026-04-17T14:05:55.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-09T16:16:27.720", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/helm/helm/commit/05fa37973dc9e42b76e1d2883494c87174b6074f"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/helm/helm/releases/tag/v4.1.4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Mitigation"], "url": "https://github.com/helm/helm/security/advisories/GHSA-q5jf-9vfq-h4h7"}, {"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://helm.sh/docs/topics/provenance/#the-provenance-file"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-636"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.0.0,4.1.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "helm", "source": "cna", "vendor": "helm"}, "product": "helm", "vendor": "helm"}], "analysis": {"en": {"generated_at": "2026-04-09T16:50:15.450849+00:00", "value": {"mitigation_remediation": ["Upgrade Helm to version 4.1.4 or newer", "Verify that installed plugins include a valid .prov file before use"], "summary": {"action": "Update immediately", "impact": "Unsigned Plugin Installation"}, "threat_synthesis": {"affected_systems": "Helm releases from 4.0.0 through 4.1.3 are affected. The vulnerability has been remediated in Helm 4.1.4, which restores proper provenance verification before plugin installation.", "description_and_impact": "Helm\u2019s plugin verification logic bypasses signature checks when the provenance file (.prov) is missing, enabling the installation of unsigned plugins as if they were legitimate. This flaw permits an attacker to deploy arbitrary code through a malicious plugin that will run with the privileges of the Helm process and potentially affect the Kubernetes cluster environment.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.4, placing it in the high\u2011severity range. An EPSS score is not provided and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is inferred to involve an adversary supplying a plugin without a provenance file to the Helm installation process; however, the precise exploitation steps are not detailed in the available information."}}}}, "created": "2026-04-10T08:53:14.975519+00:00", "updated": "2026-04-10T09:32:27.568337+00:00", "vendors": ["helm", "helm$PRODUCT$helm"]}