Lucene search
K

64 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-14373

HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other workloads on...

7.7CVSS0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-14891 Nomad vulnerable to sandbox escape in Docker task driver

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This vulnerability,...

8.7CVSS0.00316EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42345

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This vulnerability,...

8.7CVSS6AI score0.00316EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 9:30 p.m.9 views

Security Bulletin: Nomad vulnerable to arbitrary file read/write on client host through symlink attack

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Vulnerability Details CVEID:CVE-2026-695...

6CVSS5.9AI score0.00169EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.11 views

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.6AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 9:31 p.m.7 views

GHSA-3934-423W-4JQ3 HashiCorp Nomad vulnerable to symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/12 9:31 p.m.8 views

EUVD-2026-29826

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability CVE-2026-7474 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

8.8CVSS6.2AI score0.06892EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/12 9:31 p.m.12 views

HashiCorp Nomad vulnerable to a path traversal

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability CVE-2026-7474 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

8.8CVSS6.2AI score0.06892EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/12 9:31 p.m.11 views

HashiCorp Nomad vulnerable to symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS5.9AI score0.00169EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/05/12 8:16 p.m.16 views

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 8:16 p.m.10 views

UBUNTU-CVE-2026-7474

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability CVE-2026-7474 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

8.8CVSS6.2AI score0.06892EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/12 7:9 p.m.35 views

CVE-2026-8052 Nomad's exec2 task driver vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

6CVSS0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:59 p.m.42 views

CVE-2026-6959 Nomad vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6CVSS0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 6:59 p.m.21 views

CVE-2026-6959

CVE-2026-6959 affects HashiCorp Nomad and Nomad Enterprise older than 2.0.1, allowing arbitrary file read/write on the client host as the Nomad process user via a symlink attack. Impact: potential unauthorized access or manipulation on the client host; CVSS 3.1 base score 6.0 (Scope Changed, Priv...

6CVSS5.9AI score0.00169EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2026/05/12 6:54 p.m.10 views

Nomad vulnerable to path traversal in dynamic host volume which may lead to code execution

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability CVE-2026-7474 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Background Nomad’s Dynamic Host Volumes feature allows the cluster admin t...

8.8CVSS7.2AI score0.06892EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2026/05/12 6:50 p.m.7 views

Nomad arbitrary file read/write on client host through symlink attack

Summary HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-6959 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. Background Nomad workloads are run by ta...

6CVSS6.5AI score0.00169EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

HashiCorp Nomad 后置链接漏洞

HashiCorp Nomad is a simple and flexible scheduler and orchestrator provided by the American company HashiCorp. It is used for managing containers and non-containerized applications on both local and cloud environments. Versions of HashiCorp Nomad prior to 0.1.2 contained a post-installation...

6CVSS5.9AI score0.00129EPSS
Exploits0References1
Redos
Redos
added 2025/12/19 12:0 a.m.6 views

ROS-20251219-7301

Vulnerability in nomad related to incorrect link definition before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.5CVSS7AI score0.00507EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2035

Malware in sbrugna...

8.8CVSS8.5AI score0.00689EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2424

Malware in sbrugna...

8.8CVSS8.6AI score0.01182EPSS
Exploits0References6
Rows per page
Query Builder