CVE-2026-41704

AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...

CVE-2026-41704

CVE-2026-41704 affects BOSH Director prior to v282.1.12. The issue arises from AgentClient#handle_method handling NATS responses: it may invoke inject_compile_log and format_exception, and the blobstore resource flow calls ResourceManager#get_resource(blob_id) followed by ResourceManager#delete_r...

EUVD-2026-32108

AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...

PT-2026-43567

Name of the Vulnerable Software and Affected Versions BOSH Director versions prior to 282.1.12 Description The AgentClienthandle method processes NATS replies and invokes inject compile log for every response, which reads the compile log id from response'value''result''compile log id' and passes ...