What is the CVSS score of EUVD-2026-29825?

EUVD-2026-29825 has a CVSS 3.1 base score of 6.0 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N. EPSS exploitation probability: 0.0%.

Is there a patch available for EUVD-2026-29825?

Yes, a patch is available for EUVD-2026-29825. Update the affected software to the latest version immediately.

Hashicorp EUVD-2026-29825

| CVE-2026-6959 MEDIUM

Improper Link Resolution Before File Access (CWE-59)

2026-05-12 HashiCorp

GHSA-3934-423w-4jq3

Information Disclosure Hashicorp

6.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

Patch available

May 12, 2026 - 21:33 EUVD

CVE Published

May 12, 2026 - 18:59 nvd

MEDIUM 6.0

DescriptionNVD

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-6959) is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-8903 MEDIUM This Month

4.3 May 27

Cross-Site Request Forgery in the Two-factor Authentication (formerly IP Vault) WordPress plugin versions up to and incl

CVE-2026-9223 Monitor

4.3 May 22

Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged

CVE-2026-9246 This Week

4.3 May 22

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated

CVE-2026-9248 Monitor

2.6 May 22

Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write acce

EUVD-2026-29825 vulnerability details – vuln.today

Back

Hashicorp EUVD-2026-29825

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code