A critical vulnerability in Argo CD, tracked as CVE-2025-55190, allows API tokens with low project-level permissions to access sensitive repository credentials, posing a significant security risk for organizations using the tool. This flaw, affecting all versions up to 2.13.0, could enable attackers to exploit sensitive data, leading to potential code theft and supply chain attacks. Administrators are urged to update to fixed versions to mitigate the risk.