PT-2026-40385 · Hashicorp · Nomad Enterprise+1
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2026-7474
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HashiCorp Nomad versions prior to 2.0.1
HashiCorp Nomad Enterprise versions prior to 2.0.1
Description
A path traversal attack allows for code execution on the client host. Path traversal is a technique that enables attackers to access files and directories outside the intended folder by using special characters like "../".
Recommendations
Update to version 2.0.1, 1.11.5, or 1.10.11.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nomad
Nomad Enterprise