
Helm helm: Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment

Risk 30
Severity
4.8
First published (updated )

go/helm.sh/helm/v4: Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install

Risk 74
Severity
8.4
First published (updated )

go/helm.sh/helm/v4: Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory

Risk 70
Severity
8.4
First published (updated )

Helm helm: Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craf…

Risk 19
Severity
4
First published (updated )

Helm helm: Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yam…

Risk 19
Severity
4
First published (updated )

Helm helm: Helm May Panic Due To Incorrect YAML Content

Risk 37
Severity
6.5
First published (updated )

Helm helm: Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion

Risk 37
Severity
6.5
First published (updated )

Helm helm: Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml…

Risk 33
Severity
7
First published (updated )

Helm helm: Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

Risk 70
Severity
8.6
First published (updated )

Helm helm: Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination

Risk 27
Severity
6.5
EPSS
0.04%
First published (updated )

Helm helm: Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

Risk 27
Severity
6.5
EPSS
0.04%
First published (updated )

go/helm.sh/helm/v3: Infoleak

Risk 70
Severity
9.1
First published (updated )

go/helm.sh/helm/v3: Helm's Missing YAML Content Leads To Panic

Risk 31
Severity
7.5
EPSS
0.04%
First published (updated )

go/helm.sh/helm/v3: Dependency management path traversal in helm

Risk 29
Severity
6.4
EPSS
0.04%
First published (updated )

Helm helm: getHostByName Function Information Disclosure

Risk 23
Severity
4.3
First published (updated )

redhat/helm.sh/helm/v3: Helm vulnerable to Denial of service through string value parsing

Risk 45
Severity
7.5
First published (updated )

go/helm.sh/helm/v3: Helm contains Denial of service through schema file

Risk 45
Severity
7.5
First published (updated )

go/helm.sh/helm/v3: Helm vulnerable to Denial of service via NULL Pointer Dereference

Risk 45
Severity
7.5
First published (updated )

Helm helm: Flux2 Helm Controller denial of service

Risk 44
Severity
7.7
First published (updated )

go/helm.sh/helm/v3: Denial of service in Helm

Risk 45
Severity
7.5
First published (updated )

redhat/helm: Repository credentials passed to alternate domain

Risk 52
Severity
8.6
First published (updated )

go/helm.sh/helm/v3: Injection attack in Helm

Risk 40
Severity
6.8
First published (updated )

Helm helm: Duplicate plugin entries in Helm

Risk 46
Severity
6.5
First published (updated )

Helm helm: Improper sanitization of plugin names in Helm

Risk 22
Severity
4
First published (updated )

Helm helm: Duplicated chart entries in Helm

Risk 22
Severity
4
First published (updated )

Helm helm: Aliases are never checked in Helm

Risk 22
Severity
4
First published (updated )

go/helm.sh/helm/v3: Path Traversal in Helm Plugin Archive

Risk 75
Severity
8.5
First published (updated )

Helm helm: lookup Function Information Disclosure in Helm

Risk 55
Severity
8.5
First published (updated )

go/helm.sh/helm: In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a cha…

Risk 87
Severity
9.8
First published (updated )

go/helm.sh/helm: helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthori…

Risk 87
Severity
9.8
First published (updated )
© 2026 SecAlerts Pty Ltd.