{
  "cve_id": "CVE-2026-7474",
  "ghsa_id": "GHSA-hx53-77qj-8663",
  "vulnerability_type": "Path Traversal leading to Arbitrary Command Execution",
  "cwe_ids": ["CWE-22", "CWE-78"],
  "variant_status": "NO_BYPASS_FOUND",
  "variant_summary": "Three distinct variant hypotheses were tested against the fixed version (v2.0.1): (1) path traversal with .. sequences, (2) symlink escape from the plugin directory, and (3) a Register->Delete chain that reaches the same sink. Both direct variants (traversal and symlink) were blocked by the client-side os.OpenRoot fix on v2.0.1. The Register endpoint remains a latent variant path because it does not validate PluginID; it could not be exploited in these tests because the client sink is hardened, which leaves that client-side check as the only control identified on this path. No true bypass of the patched code path was found.",
  "submitted_target": {
    "target_kind": "git_tag",
    "version": "v2.0.0",
    "display": "hashicorp/nomad v2.0.0"
  },
  "variant_target": {
    "target_kind": "git_tag",
    "commit_sha": "5c11f948ba7e9e709abf7f2ab7895ba5b44feb39",
    "version": "v2.0.1",
    "display": "hashicorp/nomad v2.0.1"
  },
  "validation_verdict": "VARIANT_NOT_CONFIRMED",
  "verdict_explanation": "No variant or bypass was confirmed on the fixed version v2.0.1. The client-side os.OpenRoot containment in NewHostVolumePluginExternal successfully blocks path traversal, absolute paths, and symlink escapes. The server-side feasibility check in placeHostVolume also prevents malicious PluginIDs from being forwarded to clients via the Create endpoint. The Register endpoint provides an alternate code path that reaches the same sink, but it is blocked by the same client-side fix.",
  "evidence": {
    "variant_attempts": [
      {
        "name": "Path traversal via ..",
        "vulnerable_result": "Allowed on v2.0.0 (NewHostVolumePluginExternal returned nil error)",
        "fixed_result": "Blocked on v2.0.1 (root.Stat returned ErrPluginNotExists)",
        "bypass": false
      },
      {
        "name": "Symlink escape from plugin directory",
        "vulnerable_result": "Allowed on v2.0.0 (os.Stat followed symlink to /bin/ls)",
        "fixed_result": "Blocked on v2.0.1 (root.Stat rejected symlink escaping root)",
        "bypass": false
      },
      {
        "name": "Register -> Delete chain with updated PluginID",
        "vulnerable_result": "Path exists on v2.0.0 (ValidateUpdate allows PluginID changes, Register lacks feasibility check)",
        "fixed_result": "Blocked on v2.0.1 (os.OpenRoot in NewHostVolumePluginExternal blocks execution)",
        "bypass": false
      }
    ],
    "log_files": [
      "logs/vuln_variant/variant_vuln.txt",
      "logs/vuln_variant/variant_fixed.txt"
    ]
  },
  "blocking_mitigation": "Client-side os.OpenRoot(path) + root.Stat(filename) in NewHostVolumePluginExternal, plus server-side feasibility check in placeHostVolume for explicit NodeID requests.",
  "reproduction_timestamp": "2026-05-28T19:24:00Z"
}
