Medium severity6.5NVD Advisory· Published Feb 9, 2021· Updated Jun 17, 2026
CVE-2021-26921
CVE-2021-26921
Description
In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Argo CD/Argo CDdescription
Patches
Vulnerability mechanics
References
3- github.com/argoproj/argo-cd/commit/f5b0db240b4e3abf18e97f6fd99096b4f9e94dc5nvdPatchThird Party Advisory
- github.com/argoproj/argo-cd/compare/v1.8.3...v1.8.4nvdPatchThird Party Advisory
- github.com/argoproj/argo-cd/security/advisories/GHSA-9h6w-j7w4-jr52nvdThird Party Advisory
News mentions
0No linked articles in our index yet.