CVE-2026-35204
Path Traversal in Helm Plugin Allows Arbitrary File Write
Publication date: 2026-04-09
Last updated on: 2026-04-17
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| helm | helm | From 4.0.0 (inc) to 4.1.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-35204 is a high-severity path traversal vulnerability in Helm, a Kubernetes package manager for Charts, affecting versions 4.0.0 through 4.1.3.
The flaw occurs when a specially crafted Helm plugin is installed or updated. The plugin's metadata version field in plugin.yaml can contain POSIX path traversal sequences (e.g., "../"), which Helm improperly processes.
This causes Helm to write plugin files outside the intended plugin directory, allowing arbitrary file writes to any location on the filesystem accessible by the user running Helm.
The vulnerability requires local access to install or update a plugin but does not require elevated privileges or additional user interaction beyond the plugin installation.
It is fixed in Helm version 4.1.4 by enforcing strict semantic versioning validation on the plugin version field to prevent path traversal inputs.
How can this vulnerability impact me? :
This vulnerability allows an attacker who can install or update a Helm plugin locally to write files arbitrarily anywhere on the filesystem accessible to the user running Helm.
The impact on the vulnerable system includes high integrity risk due to unauthorized modification of system or user files, which can lead to system compromise.
While confidentiality impact on the vulnerable system is none, the subsequent impact on confidentiality, integrity, and availability can be high if critical files are overwritten or malicious files are placed.
Availability impact is low but could escalate if critical system files are overwritten.
Overall, this vulnerability can lead to significant security breaches including system compromise, data corruption, or denial of service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting Helm plugins installed or updated on your system, specifically by checking the plugin.yaml files for the presence of a version field containing POSIX path traversal sequences such as "../".
You can manually validate the version field in each plugin's plugin.yaml file to ensure it does not contain path traversal patterns.
For example, you can use commands like the following to find suspicious version fields in Helm plugins:
- grep -r 'version:' ~/.helm/plugins/ | grep '\.\./'
- find ~/.helm/plugins/ -name plugin.yaml -exec grep -H 'version:' {} \; | grep '\.\./'
These commands search for version fields containing "../" which indicate potential exploitation attempts or vulnerable plugins.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate step to mitigate this vulnerability is to upgrade Helm to version 4.1.4 or later, where the vulnerability has been fixed.
If upgrading immediately is not possible, manually validate all installed or updated Helm plugins to ensure their plugin.yaml version fields do not contain path traversal sequences such as "../".
The patch in version 4.1.4 enforces strict semantic versioning validation on the plugin version field, preventing malicious path traversal inputs.
Additionally, avoid installing or updating plugins from untrusted sources, as the attack requires the ability to install or update a Helm plugin.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows arbitrary file writes outside the intended Helm plugin directory, which can lead to unauthorized modification of system files and potential system compromise.
While the vulnerability itself does not directly impact confidentiality on the vulnerable system, the subsequent system impact could affect confidentiality, integrity, and availability, potentially leading to violations of compliance requirements under standards like GDPR or HIPAA that mandate protection of system integrity and data security.
Organizations using vulnerable Helm versions may risk non-compliance if this vulnerability is exploited, as it could enable attackers to alter or overwrite critical files, undermining system security controls required by such regulations.
Mitigation by upgrading to Helm version 4.1.4 or later is essential to maintain compliance and reduce risk.