CVE-2026-5061

Source
https://cve.org/CVERecord?id=CVE-2026-5061
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-5061.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-5061
Aliases
Published
2026-05-12T13:58:20.409Z
Modified
2026-07-08T08:13:57.797609510Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack
Details

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability (CVE-2026-5061) is fixed in consul-template 0.42.0.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/5xxx/CVE-2026-5061.json",
    "cna_assigner": "HashiCorp",
    "cwe_ids": [
        "CWE-59"
    ]
}
References

Affected packages

Git / github.com/hashicorp/consul-template

Affected ranges

Type
GIT
Repo
https://github.com/hashicorp/consul-template
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "0.1.0"
        },
        {
            "fixed": "0.42.0"
        }
    ]
}

Affected versions

v0.*
v0.1.0
v0.1.1
v0.10.0
v0.11.0
v0.11.1
v0.12.0
v0.12.1
v0.12.2
v0.13.0
v0.14.0
v0.15.0
v0.16.0
v0.16.0-rc1
v0.18.0
v0.18.0-rc1
v0.18.0-rc3
v0.18.1
v0.18.2
v0.18.3
v0.18.4
v0.18.5
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.19.4
v0.19.5
v0.2.0
v0.20.0
v0.20.1
v0.21.0
v0.21.1
v0.21.2
v0.21.3
v0.22.0
v0.22.1
v0.23.0
v0.24.0
v0.24.1
v0.25.0
v0.25.1
v0.25.2
v0.26.0
v0.27.0
v0.27.1
v0.27.2
v0.28.0
v0.29.0
v0.29.1
v0.29.2
v0.29.3
v0.29.4
v0.29.5
v0.29.6
v0.3.0
v0.3.1
v0.30.0
v0.31.0
v0.32.0
v0.33.0
v0.34.0
v0.35.0
v0.36.0
v0.37.0
v0.37.1
v0.37.2
v0.37.3
v0.37.4
v0.37.5
v0.37.6
v0.38.0
v0.38.1
v0.39.0
v0.39.1
v0.4.0
v0.40.0
v0.41.2
v0.41.3
v0.41.4
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.5
v0.7.0
v0.8.0
v0.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-5061.json"