CVE-2026-35204
Received Received - Intake
Path Traversal in Helm Plugin Allows Arbitrary File Write

Publication date: 2026-04-09

Last updated on: 2026-04-17

Assigner: GitHub, Inc.

Description
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not include a version: field containing POSIX dot-dot path separators ie. "/../". This vulnerability is fixed in 4.1.4.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-09
Last Modified
2026-04-17
Generated
2026-06-16
AI Q&A
2026-04-09
EPSS Evaluated
2026-06-15
NVD
CVE-2026-35204
EUVD
EUVD-2026-20900
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
helm helm From 4.0.0 (inc) to 4.1.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows arbitrary file writes outside the intended Helm plugin directory, which can lead to unauthorized modification of system files and potential system compromise.

While the vulnerability itself does not directly impact confidentiality on the vulnerable system, the subsequent system impact could affect confidentiality, integrity, and availability, potentially leading to violations of compliance requirements under standards like GDPR or HIPAA that mandate protection of system integrity and data security.

Organizations using vulnerable Helm versions may risk non-compliance if this vulnerability is exploited, as it could enable attackers to alter or overwrite critical files, undermining system security controls required by such regulations.

Mitigation by upgrading to Helm version 4.1.4 or later is essential to maintain compliance and reduce risk.

Executive Summary

CVE-2026-35204 is a high-severity path traversal vulnerability in Helm, a Kubernetes package manager for Charts, affecting versions 4.0.0 through 4.1.3.

The flaw occurs when a specially crafted Helm plugin is installed or updated. The plugin's metadata version field in plugin.yaml can contain POSIX path traversal sequences (e.g., "../"), which Helm improperly processes.

This causes Helm to write plugin files outside the intended plugin directory, allowing arbitrary file writes to any location on the filesystem accessible by the user running Helm.

The vulnerability requires local access to install or update a plugin but does not require elevated privileges or additional user interaction beyond the plugin installation.

It is fixed in Helm version 4.1.4 by enforcing strict semantic versioning validation on the plugin version field to prevent path traversal inputs.

Impact Analysis

This vulnerability allows an attacker who can install or update a Helm plugin locally to write files arbitrarily anywhere on the filesystem accessible to the user running Helm.

The impact on the vulnerable system includes high integrity risk due to unauthorized modification of system or user files, which can lead to system compromise.

While confidentiality impact on the vulnerable system is none, the subsequent impact on confidentiality, integrity, and availability can be high if critical files are overwritten or malicious files are placed.

Availability impact is low but could escalate if critical system files are overwritten.

Overall, this vulnerability can lead to significant security breaches including system compromise, data corruption, or denial of service.

Detection Guidance

This vulnerability can be detected by inspecting Helm plugins installed or updated on your system, specifically by checking the plugin.yaml files for the presence of a version field containing POSIX path traversal sequences such as "../".

You can manually validate the version field in each plugin's plugin.yaml file to ensure it does not contain path traversal patterns.

For example, you can use commands like the following to find suspicious version fields in Helm plugins:

  • grep -r 'version:' ~/.helm/plugins/ | grep '\.\./'
  • find ~/.helm/plugins/ -name plugin.yaml -exec grep -H 'version:' {} \; | grep '\.\./'

These commands search for version fields containing "../" which indicate potential exploitation attempts or vulnerable plugins.

Mitigation Strategies

The primary immediate step to mitigate this vulnerability is to upgrade Helm to version 4.1.4 or later, where the vulnerability has been fixed.

If upgrading immediately is not possible, manually validate all installed or updated Helm plugins to ensure their plugin.yaml version fields do not contain path traversal sequences such as "../".

The patch in version 4.1.4 enforces strict semantic versioning validation on the plugin version field, preventing malicious path traversal inputs.

Additionally, avoid installing or updating plugins from untrusted sources, as the attack requires the ability to install or update a Helm plugin.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-35204. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart