{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/helm/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"id":"CVE-2026-35204"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["helm","path-traversal","vulnerability","plugin","kubernetes"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eHelm, a package manager for Kubernetes charts, is vulnerable to a path traversal issue. Specifically, Helm versions 4.0.0 through 4.1.3 are affected. A maliciously crafted Helm plugin, when installed or updated, can exploit this vulnerability (CVE-2026-35204) to write the plugin\u0026rsquo;s contents to arbitrary locations on the user\u0026rsquo;s filesystem. This can lead to overwriting critical system files or user data, potentially compromising the system\u0026rsquo;s integrity. Helm v4.1.4 resolves this vulnerability by rejecting plugins with non-SemVer versions containing path traversal patterns. Defenders should ensure Helm installations are updated to the patched version or implement workarounds to validate plugin metadata.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious Helm plugin. This plugin contains a \u003ccode\u003eplugin.yaml\u003c/code\u003e file with a \u003ccode\u003eversion\u003c/code\u003e field that includes POSIX dot-dot path separators (e.g., \u003ccode\u003e/../\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker distributes the malicious plugin to potential victims, possibly through public repositories or direct spear phishing.\u003c/li\u003e\n\u003cli\u003eA victim attempts to install or update the Helm plugin using the \u003ccode\u003ehelm plugin install\u003c/code\u003e or \u003ccode\u003ehelm plugin update\u003c/code\u003e command.\u003c/li\u003e\n\u003cli\u003eHelm parses the \u003ccode\u003eplugin.yaml\u003c/code\u003e file and extracts the \u003ccode\u003eversion\u003c/code\u003e field, which contains the path traversal characters.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, Helm incorrectly resolves the file path, allowing the plugin\u0026rsquo;s contents to be written outside the intended plugin directory.\u003c/li\u003e\n\u003cli\u003eThe malicious plugin overwrites arbitrary files on the user\u0026rsquo;s system based on the path specified in the \u003ccode\u003eversion\u003c/code\u003e field.\u003c/li\u003e\n\u003cli\u003eDepending on the files overwritten, the attacker can achieve various malicious objectives, such as gaining persistence, escalating privileges, or executing arbitrary code.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves persistence by overwriting system startup scripts or configuration files, allowing the malicious code to run automatically on system reboot.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to overwrite arbitrary files on the victim\u0026rsquo;s system. This can lead to various detrimental outcomes, including data loss, system instability, privilege escalation, and ultimately, complete system compromise. While the specific number of victims is unknown, any user running a vulnerable version of Helm (4.0.0 - 4.1.3) is at risk. The potential impact includes compromising Kubernetes deployments and sensitive data stored on affected systems.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Helm to version 4.1.4 or later to remediate CVE-2026-35204, as this version includes a patch that prevents path traversal during plugin installation.\u003c/li\u003e\n\u003cli\u003eImplement a validation step before installing or updating Helm plugins, checking the \u003ccode\u003eplugin.yaml\u003c/code\u003e file for a \u003ccode\u003eversion:\u003c/code\u003e field containing POSIX dot-dot path separators. This mitigates the risk described in the workaround section of the advisory.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Helm Plugin Install with Path Traversal\u0026rdquo; to detect attempts to install plugins with malicious \u003ccode\u003eversion\u003c/code\u003e fields, using file_event logs.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-11T12:00:00Z","date_published":"2026-04-11T12:00:00Z","id":"/briefs/2026-04-helm-path-traversal/","summary":"A path traversal vulnerability in Helm versions 4.0.0 to 4.1.3 allows a malicious plugin to write files to arbitrary locations on the filesystem, leading to potential system compromise.","title":"Helm Plugin Path Traversal Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-helm-path-traversal/"}],"language":"en","title":"CraftedSignal Threat Feed — Helm","version":"https://jsonfeed.org/version/1.1"}