Known Vulnerabilities for Nomad by Hashicorp
Listed below are 10 of the newest known vulnerabilities associated with "Nomad" by "Hashicorp".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-14896 json | HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes fea... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-14891 json | HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submit... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-14373 json | HashiCorp Nomad and Nomad Enterprise did not enforce the allow_privileged restriction for the Docker task driver's host names... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-8052 json | HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-7474 json | HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traver... | Not Provided | 2026-05-12 | 2026-05-13 |
| CVE-2026-6959 json | HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2023-3300 json | HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins t... | 5.3 - MEDIUM | 2023-07-20 | 2023-07-27 |
| CVE-2023-3299 json | HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected ... | 2.7 - LOW | 2023-07-20 | 2023-07-27 |
| CVE-2023-3072 json | HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpe... | 3.8 - LOW | 2023-07-20 | 2023-07-27 |
| CVE-2023-1782 json | HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizat... | 9.8 - CRITICAL | 2023-04-05 | 2023-04-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hashicorp | Nomad | 1.0.4 | |||
| Application | Hashicorp | Nomad | 1.0.4 | |||
| Application | Hashicorp | Nomad | 1.0.3 | |||
| Application | Hashicorp | Nomad | 1.0.3 | |||
| Application | Hashicorp | Nomad | 1.0.2 | |||
| Application | Hashicorp | Nomad | 1.0.2 | |||
| Application | Hashicorp | Nomad | 1.0.1 | |||
| Application | Hashicorp | Nomad | 1.0.1 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 0.9.7 | |||
| Application | Hashicorp | Nomad | 0.9.7 | |||
| Application | Hashicorp | Nomad | 0.9.6 | |||
| Application | Hashicorp | Nomad | 0.9.6 |