CVE-2025-59531 — Vulnetix

CVE-2025-59531 PUBLISHED

Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload

EPSS 0.24% · 47.2th percentile

Risk Scores

EPSS Score

0.24%

47.2th percentile

Affected Products

Vendor	Product	Versions
Bitnami	argo-cd	1.2.0, 3.0.0, 3.1.0
Bitnami	argo-cd	1.2.0, 3.0.0, 3.1.0

Exploit Intelligence

https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc (cve.org)

Timeline

Jan 21, 1970 Security Advisory
Sep 30, 2025 CVE Published
Oct 2, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score
Oct 7, 2025 CVE Updated
Oct 9, 2025 EPSS Score
Oct 10, 2025 Coalition ESS Score
Oct 15, 2025 EPSS Score
Oct 22, 2025 EPSS Score
Oct 28, 2025 EPSS Score
Nov 4, 2025 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›