HashiCorp Nomad and Nomad Enterprise Arbitrary File Read/Write Vulnerability on Client Host

Vulnerability

A vulnerability allowing arbitrary file read and write on the client host has been identified in HashiCorp Nomad and Nomad Enterprise versions prior to 2.0.1. The issue is a symlink attack: an attacker can manipulate named pipe symlinks for a workload's log files and thereby gain access to the host's filesystem with the privileges of the Nomad process user. This is particularly concerning because it undermines the filesystem isolation of Nomad task drivers, potentially leading to unauthorized access to or modification of files on the client host.
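
The bug class described above, a process following a symlink at a path where it expects a named pipe, is avoided by refusing symlinks at open time and checking the file type on the open descriptor. The following is an added illustration in Python, not Nomad's code or its fix; the function names, directory layout and file names are constructed for the example.

```python
import errno
import os
import stat
import tempfile

class UnsafeLogPath(Exception):
    """The path is not a plain named pipe directly inside the log directory."""

def open_log_fifo(log_dir, name):
    """Open log_dir/name read-only, refusing symlinks and non-FIFOs. Returns an fd."""
    if name in ("", ".", "..") or "/" in name:
        raise UnsafeLogPath(f"not a bare file name: {name!r}")
    # Pin the directory; the lookup below is relative to this descriptor.
    dir_fd = os.open(log_dir, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        # O_NOFOLLOW: ELOOP if the last component is a symlink; O_NONBLOCK: no hang.
        flags = os.O_RDONLY | os.O_NONBLOCK | os.O_NOFOLLOW
        fd = os.open(name, flags, dir_fd=dir_fd)
    except OSError as exc:
        if exc.errno == errno.ELOOP:
            raise UnsafeLogPath(f"{name!r} is a symlink") from exc
        raise
    finally:
        os.close(dir_fd)
    # Verify the type on the open descriptor, so a later path swap cannot matter.
    if not stat.S_ISFIFO(os.fstat(fd).st_mode):
        os.close(fd)
        raise UnsafeLogPath(f"{name!r} is not a named pipe")
    return fd

def check(log_dir, name):
    """Return 'ok' or the refusal reason for one directory entry."""
    try:
        os.close(open_log_fifo(log_dir, name))
        return "ok"
    except UnsafeLogPath as exc:
        return str(exc)

def demo():
    """Constructed layout: a real FIFO, a symlink to a host file, a regular file."""
    with tempfile.TemporaryDirectory() as root:
        log_dir, host = os.path.join(root, "logs"), os.path.join(root, "host.txt")
        os.mkdir(log_dir)
        open(host, "w").close()
        os.mkfifo(os.path.join(log_dir, "a.fifo"))
        os.symlink(host, os.path.join(log_dir, "b.fifo"))
        open(os.path.join(log_dir, "c.fifo"), "w").close()
        return {n: check(log_dir, n) for n in ("a.fifo", "b.fifo", "c.fifo", "../host.txt")}
```

`O_NOFOLLOW` only guards the final path component, which is why the directory is opened first and the entry is looked up relative to that descriptor.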

Impact

Exploitation of this vulnerability allows for arbitrary file read and write operations on the client host, using the permissions of the Nomad process user.

Remediation

Users are advised to upgrade to Nomad 2.0.1, 1.11.5, 1.10.11, or newer.

Added: May 12, 2026, 8:27 PM
Updated: May 12, 2026, 8:27 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 1.0
exploitability: 4.9
remediation: 7.7
relevance: 8.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.