Security Advisory

CVE-2026-8052

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-12 19:09:15

Last updated 2026-05-12 20:22:44

Assigner HashiCorp

State PUBLISHED

Description

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8052) is fixed in version 0.1.2 of the exec2 task driver.

← Browse all CVEs View on cve.org ↗