Nomad enterprise

This hub aggregates every CVE we track for Nomad enterprise, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Nomad enterprise.

• CVE-2026-7474Nomad vulnerable to path traversal in dynamic host volume which may lead to code execution8.8May 12, 2026
• CVE-2026-6959Nomad vulnerable to arbitrary file read/write on client host through symlink attack6.0May 12, 2026
• CVE-2025-4922Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job8.1Jun 11, 2025
• CVE-2025-3744Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override7.6May 13, 2025
• CVE-2025-1296Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs6.5Mar 10, 2025
• CVE-2025-0937Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace7.1Feb 12, 2025
• CVE-2024-12678Nomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity Tokens6.5Dec 20, 2024
• CVE-2024-10975Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission7.7Nov 7, 2024
• CVE-2024-7625Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking5.8Aug 14, 2024
• CVE-2024-6717Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking7.7Jul 23, 2024
• CVE-2024-1329Nomad Vulnerable to Arbitrary Write Through Symlink Attack7.7Feb 8, 2024
• CVE-2023-3300Nomad Search API Leaks Information About CSI Plugins5.3Jul 19, 2023
• CVE-2023-3299Nomad Caller ACL Token's Secret ID is Exposed to Sentinel3.4Jul 19, 2023
• CVE-2023-3072Nomad ACL Policies without Label are Applied to Unexpected Resources4.1Jul 19, 2023
• CVE-2023-1782Nomad Unauthenticated Client Agent HTTP Request Privilege Escalation9.9Apr 5, 2023