Arcane, the popular tool billed as “Modern Docker Management, Designed for Everyone”, has disclosed a severe security vulnerability that completely shatters its internal permission model. Tracked as CVE-2026-45625, this critical flaw commands a CVSS base score of 9.9.
The vulnerability allows unauthorized, non-admin users to easily exfiltrate highly sensitive Git credentials in plaintext and manipulate core GitOps configurations. Because Arcane environments naturally hook into an organization’s most critical deployment pipelines, this authentication failure presents a massive supply-chain and infrastructure risk.
The root of this vulnerability lies in Arcane’s huma-based REST API, specifically within the endpoints responsible for handling GitOps source repositories and their stored credentials. The platform exposes nine endpoints under the /api/customize/git-repositories and /api/git-repositories/sync routes.
In a glaring oversight, eight of these endpoints (which control listing, creating, getting, updating, deleting, testing, listing branches, and browsing files) never call the checkAdmin(ctx) helper. This specific helper function is strictly utilized by every other admin-managed resource on the platform, including container registries, environments, users, API keys, and system settings.
Furthermore, Arcane’s authentication middleware is configured to deliberately enforce only baseline authentication, without checking for an admin role. The consequence? Any logged-in user with the standard, default user role has the power to list, create, modify, delete, and test git repository configurations. Default Arcane installations assign this user role to new accounts automatically, so no special configuration or prerequisite stands between an attacker and the flaw.
Having unauthorized CRUD (Create, Read, Update, Delete) access to Git repositories is dangerous enough, but attackers can easily weaponize this access to steal credentials outright.
Administrators typically configure Personal Access Tokens (PATs) and SSH keys for source-of-truth GitOps repositories; these are encrypted at rest with a key controlled by Arcane. However, a low-privileged authenticated user can repoint an existing repository’s URL to a host controlled by the attacker.
By updating the URL while omitting the token or sshKey fields (which the UpdateRepository function only overwrites if explicitly supplied), the attacker sets a trap. When the attacker subsequently triggers a /test, /branches, or /files call, Arcane decrypts the legitimate, encrypted PAT or SSH key and presents it directly to the attacker’s host as HTTP Basic authentication or SSH key authentication. This results in a seamless, one-step exfiltration of plaintext Git credentials.
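As an added illustration of the gap just described (constructed for this write-up, not Arcane's own code), here is the shape of the two handlers in Go: one that only assumes the caller is authenticated, and one that calls the checkAdmin helper first, both sharing the update semantics in which an omitted token field leaves the stored secret in place. The role-in-context key, the GitRepo and UpdateInput types, and the handler names are assumptions.

```go
package main

import "context"
import "errors"

// Constructed model of the authorization gap described above, not Arcane's code.
type ctxKey string

// checkAdmin stands in for the helper the git-repository endpoints never called
// (hypothetical signature); the caller's role is read from the request context.
func checkAdmin(ctx context.Context) error {
	if role, _ := ctx.Value(ctxKey("role")).(string); role != "admin" {
		return errors.New("forbidden: admin role required")
	}
	return nil
}

type GitRepo struct {
	URL   string
	Token string // stored secret, replaced only when an update supplies one
}
type UpdateInput struct {
	URL   string
	Token *string // nil means "not supplied": the existing secret is kept
}

func applyUpdate(repo *GitRepo, in UpdateInput) {
	if in.URL != "" {
		repo.URL = in.URL
	}
	if in.Token != nil {
		repo.Token = *in.Token
	}
}

// updateRepoVulnerable: authenticated only, so any role can repoint the URL and keep the stored token.
func updateRepoVulnerable(_ context.Context, repo *GitRepo, in UpdateInput) error {
	applyUpdate(repo, in)
	return nil
}

// updateRepoFixed gates the same logic behind the admin check, like the other admin-managed resources.
func updateRepoFixed(ctx context.Context, repo *GitRepo, in UpdateInput) error {
	if err := checkAdmin(ctx); err != nil {
		return err
	}
	applyUpdate(repo, in)
	return nil
}
```

The fixed handler rejects the non-admin update before any field is touched, so the URL and the token it would have carried stay unchanged.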
The fallout from CVE-2026-45625 is widespread and critical. The vulnerability allows for the following attack vectors:
- Cleartext Credential Exfiltration: Any authenticated low-privileged user can force the application to decrypt stored Git credentials and transmit them to a URL of their choosing. Stolen GitHub or GitLab PATs typically grant write access to organizational source repositories, CI secrets, container registries, and downstream production systems, allowing the attacker to completely escape Arcane’s security boundary (reflected in the CVSS Scope: Changed metric, S:C).
- Privilege Escalation: Non-admin users effectively gain Arcane administrator privileges over GitOps. By modifying and deleting repository configurations, they dictate exactly what code Arcane pulls and deploys to the network.
- Supply-Chain Integrity Loss: An attacker can swap the URL of a legitimate, enabled repository to a malicious fork, inject attacker-controlled images or manifests into deployments, and then simply revert the URL after a sync to cover their tracks.
- Pipeline Denial of Service: Any basic user can trigger a DELETE /customize/git-repositories/{id} request to completely wipe out production repository configurations, severely disrupting the GitOps pipeline.
- Information Disclosure: Regardless of their role, a caller can use the GET …/files endpoint to clone private repositories using the stored credentials and view the file contents directly within the API response.
Arcane has addressed this critical flaw. The vulnerability affects all platform versions up to and including 1.18.1.
Administrators are strongly urged to update their instances to the fully patched version, 1.19.0, immediately to lock down GitOps configurations and secure their stored credentials. Organizations utilizing Arcane for production pipelines should also consider rotating their Git credentials (PATs and SSH keys) as a precautionary measure if untrusted users had access to the platform prior to patching.