CVE-2026-6959

EPSS 0.01%
Veröffentlicht 12.05.2026 18:59:09
Zuletzt bearbeitet 13.05.2026 15:53:17
Quelle security@hashicorp.com
CVE-Watchlists
Login
Unerledigt
Login

Nomad vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-6959) is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerHashiCorp

≫

Produkt Nomad

Default Statusunaffected

Version 0.9.0

Version < 2.0.1

Status affected

HerstellerHashiCorp

≫

Produkt Nomad Enterprise

Default Statusunaffected

Version 0.9.0

Version < 2.0.1

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.006

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@hashicorp.com	6	1.5	4	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://discuss.hashicorp.com/t/hcsec-2026-14-nomad-arbitrary-file-read-write-on-client-host-through-symlink-attack/77416

https://nvd.nist.gov/vuln/detail/CVE-2026-6959

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-6959

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-6959

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-6959