VDB

GO-2026-4330

GO-2026-4330 PUBLISHED

External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets

Affected Products

VendorProductVersions
github.comexternal-secrets/external-secrets0.20.2, 0.20.2

Timeline

  • Feb 3, 2026 CVE Published
  • Apr 16, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›