Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.13 views

CVE-2026-8052

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS5.6AI score0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:31 p.m.11 views

EUVD-2026-29825

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/12 9:31 p.m.12 views

HashiCorp Nomad vulnerable to symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/05/12 9:20 p.m.9 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the exec2 process. An attacker can access or modify arbitrary files on the client host by exploiting symbolic link handling. Remediation Upgrade github.com/hashicorp/nomad-driver-exec2/pkg/shim to version 0.1.2 or...

6.7CVSS5.9AI score0.00129EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 8:16 p.m.16 views

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS0.00169EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/12 8:16 p.m.12 views

CVE-2026-8052

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS5.8AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 8:16 p.m.14 views

UBUNTU-CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References3
OSV
OSV
added 2026/05/12 8:16 p.m.12 views

UBUNTU-CVE-2026-8052

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS5.9AI score0.00129EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:9 p.m.6 views

CVE-2026-8052

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS5.9AI score0.00129EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 7:9 p.m.11 views

CVE-2026-8052 Nomad's exec2 task driver vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS5.9AI score0.00129EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:9 p.m.38 views

CVE-2026-8052

Summary: CVE-2026-8052 affects HashiCorp Nomad’s exec2 task driver prior to version 0.1.2. The flaw allows arbitrary file read and write on the client host as the Nomad process user via a symlink attack, potentially impacting integrity (I) but not confidentiality or availability per the provided ...

6CVSS5.9AI score0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:59 p.m.42 views

CVE-2026-6959 Nomad vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS0.00169EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 6:59 p.m.6 views

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/05/12 6:59 p.m.22 views

CVE-2026-6959

CVE-2026-6959 affects HashiCorp Nomad and Nomad Enterprise older than 2.0.1, allowing arbitrary file read/write on the client host as the Nomad process user via a symlink attack. Impact: potential unauthorized access or manipulation on the client host; CVSS 3.1 base score 6.0 (Scope Changed, Priv...

6CVSS5.9AI score0.00169EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2026/05/12 6:50 p.m.7 views

Nomad arbitrary file read/write on client host through symlink attack

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Background Nomad workloads are run by ta...

6CVSS6.5AI score0.00169EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

HashiCorp Nomad和HashiCorp Nomad Enterprise 路径遍历漏洞

HashiCorp Nomad and HashiCorp Nomad Enterprise are both products from HashiCorp, a company based in the United States. HashiCorp Nomad is a simple and flexible scheduler and orchestrator. It’s used for managing containers and non-containerized applications on both local and cloud environments...

8.8CVSS6.2AI score0.06892EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40384

Name of the Vulnerable Software and Affected Versions HashiCorp Nomad versions prior to 2.0.1 HashiCorp Nomad Enterprise versions prior to 2.0.1 Description An issue exists that allows arbitrary file read and write operations on the client host with the privileges of the Nomad process user. This ...

6CVSS6AI score0.00169EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

HashiCorp Nomad 后置链接漏洞

HashiCorp Nomad is a simple and flexible scheduler and orchestrator provided by the American company HashiCorp. It is used for managing containers and non-containerized applications on both local and cloud environments. Versions of HashiCorp Nomad prior to 0.1.2 contained a post-installation...

6CVSS5.9AI score0.00129EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.10 views

PT-2026-40386

Name of the Vulnerable Software and Affected Versions HashiCorp Nomad exec2 task driver versions prior to 0.1.2 Description The exec2 task driver allows arbitrary file read and write operations on the client host with the privileges of the Nomad process user. This is possible through a symlink...

6CVSS6AI score0.00129EPSS
Exploits0References14
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.5 views

PaperCutNG Mobility Print Cross-Site Request Forgery Vulnerability

PaperCutNG Mobility Print is a product of PaperCutNG, Inc. designed to provide mobile printing solutions for schools, businesses and other organizations. A security vulnerability exists in PaperCutNG Mobility Print version 1.0.3512 that stems from the application not being protected against CSRF...

6.5CVSS6.8AI score0.00228EPSS
Exploits1References3
Rows per page
Query Builder