Description
HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8052) is fixed in version 0.1.2 of the exec2 task driver.
Published: 2026-05-12
Score: 6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A vulnerability in HashiCorp Nomad’s exec2 task driver allows an attacker who can submit a task to read or modify any file on the client host as the Nomad process user. The flaw arises from insufficient validation of symlink targets, letting the task write through a symlink to overwrite system files or read sensitive data. This capability enables a compromise of confidentiality, integrity, and potentially availability of the client system.

Affected Systems

HashiCorp Nomad exec2 task driver versions before 0.1.2 are affected. The vulnerability applies to installations that use the exec2 driver within the Nomad agent’s shared library environment.

Risk and Exploitability

The vulnerability carries a CVSS base score of 6, indicating a medium severity. The EPSS score is not available, and the issue is not listed in CISA’s KEV catalog. The likely attack scenario requires an attacker with the ability to submit or influence a task running on the client, which may occur if malicious or compromised workloads are authorized. Because the flaw is local to the Nomad task execution context, exploitability depends on the presence and configuration of the exec2 driver and the privileges of the Nomad process.

Generated by OpenCVE AI on May 12, 2026 at 21:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install exec2 task driver version 0.1.2 or later.
  • Disable or remove the exec2 task driver from Nomad client configurations until the upgrade is complete.
  • Run the Nomad agent as a non‑privileged user and restrict task execution to the least privileges necessary.

Advisories

No advisories yet.

History

Wed, 13 May 2026 00:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Hashicorp; Hashicorp shared Library
Vendors & Products | | Hashicorp; Hashicorp shared Library

Tue, 12 May 2026 21:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 May 2026 19:30:00 +0000

Type | Values Removed | Values Added
Description | | HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8052) is fixed in version 0.1.2 of the exec2 task driver.
Title | | Nomad's exec2 task driver vulnerable to arbitrary file read/write on client host through symlink attack
Weaknesses | | CWE-59
References | |
Metrics | | cvssV3_1 {'score': 6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published:

Updated: 2026-05-12T20:22:44.939Z

Reserved: 2026-05-06T18:39:30.181Z

Link: CVE-2026-8052

Vulnrichment

Updated: 2026-05-12T20:22:32.792Z

NVD

Status: Received

Published: 2026-05-12T20:16:46.720

Modified: 2026-05-12T20:16:46.720

Link: CVE-2026-8052

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T00:00:16Z

Weaknesses