CVE-2026-62239

Source
https://cve.org/CVERecord?id=CVE-2026-62239
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-62239.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-62239
Published
2026-07-13T21:03:32.262Z
Modified
2026-07-17T03:41:36.275387814Z
Severity
  • 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
FlashAttention Symlink Attack via tarfile.extractall in hopper/setup.py
Details

FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the downloadandcopy() function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the predictable cache directory to redirect extracted binaries to an attacker-chosen location, enabling arbitrary file write with victim privileges during build time.

Database specific
{
    "cwe_ids": [
        "CWE-59"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/62xxx/CVE-2026-62239.json",
    "cna_assigner": "VulnCheck"
}
References

Affected packages

Git / github.com/dao-ailab/flash-attention

Affected ranges

Type
GIT
Repo
https://github.com/dao-ailab/flash-attention
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.8.3.post1"
        }
    ],
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ]
}

Affected versions

fa4-v4.*
fa4-v4.0.0.beta0
fa4-v4.0.0.beta1
fa4-v4.0.0.beta10
fa4-v4.0.0.beta11
fa4-v4.0.0.beta12
fa4-v4.0.0.beta13
fa4-v4.0.0.beta14
fa4-v4.0.0.beta15
fa4-v4.0.0.beta16
fa4-v4.0.0.beta17
fa4-v4.0.0.beta18
fa4-v4.0.0.beta19
fa4-v4.0.0.beta2
fa4-v4.0.0.beta20
fa4-v4.0.0.beta21
fa4-v4.0.0.beta4
fa4-v4.0.0.beta5
fa4-v4.0.0.beta6
fa4-v4.0.0.beta7
fa4-v4.0.0.beta8
fa4-v4.0.0.beta9
v0.*
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.3.post0
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.6.post1
v2.0.6.post2
v2.0.7
v2.0.8
v2.0.9
v2.1.0
v2.1.1
v2.1.2
v2.1.2.post1
v2.1.2.post2
v2.1.2.post3
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.2.3.post1
v2.2.3.post2
v2.2.4
v2.2.4.post1
v2.2.5
v2.3.0
v2.3.1
v2.3.1.post1
v2.3.2
v2.3.3
v2.3.4
v2.3.5
v2.3.6
v2.4.0
v2.4.0.post1
v2.4.1
v2.4.2
v2.4.3
v2.4.3.post1
v2.5.0
v2.5.1
v2.5.1.post1
v2.5.2
v2.5.3
v2.5.4
v2.5.5
v2.5.6
v2.5.7
v2.5.8
v2.5.9
v2.5.9.post1
v2.6.0
v2.6.0.post1
v2.6.1
v2.6.2
v2.6.3
v2.7.0
v2.7.0.post1
v2.7.0.post2
v2.7.1
v2.7.1.post1
v2.7.1.post2
v2.7.1.post3
v2.7.1.post4
v2.7.2
v2.7.2.post1
v2.7.3
v2.7.4
v2.7.4.post1
v2.8.0
v2.8.0.post1
v2.8.0.post2
v2.8.1
v2.8.2
v2.8.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-62239.json"