=== Building vulnerable binary ===
Previous HEAD position was 5c11f948 release: Generate files and changelog for 2.0.1
HEAD is now at 7a90601f release: Generate files and changelog for 2.0.0
=== Building fixed binary ===
Previous HEAD position was 7a90601f release: Generate files and changelog for 2.0.0
HEAD is now at 5c11f948 release: Generate files and changelog for 2.0.1
=== Starting vulnerable agent ===
PID: 5329
NodeID: 6626b30d-aa28-b59d-32a5-84057ca41618
Vulnerable HTTP code: 500
HostVolume.Create error: error creating volume "3df4d11f-de03-0688-79e7-6733730304b7" with plugin "../../../../bin/ls": exit status 2
HTTP_CODE:500
=== Starting fixed agent ===
PID: 5401
NodeID: 11a7ed9c-0dc3-e9de-2d01-6a22b4e53f19
Fixed HTTP code: 500
could not place volume "cve-test-vol": node 11a7ed9c-0dc3-e9de-2d01-6a22b4e53f19 is not feasible for volume
HTTP_CODE:500
=== CONFIRMED: CVE-2026-7474 reproduced ===
Vulnerable (v2.0.0): server accepted traversal plugin and client executed /bin/ls
Fixed (v2.0.1): server rejected request before forwarding (node not feasible)