VYPR
Medium severity · 5.8 · NVD Advisory · Published May 27, 2026

CVE-2026-41009

Description

When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_log_id'] and format_exception (line 318-325) reads exception['blobstore_id']; both pass the agent-supplied string unmodified to download_and_delete_blob(blob_id) (line 344-349), which calls @resource_manager.get_resource(blob_id) and, in an ensure block, @resource_manager.delete_resource(blob_id). Api::ResourceManager forwards the id straight to blobstore.get(id) / blobstore.delete(id). When the director is configured with the local blobstore provider, Blobstore::LocalClient#object_file_path(oid) is File.join(@blobstore_path, oid) (local_client.rb:54-56) with no normalisation, so oid = "../../jobs/director/config/director.yml" resolves outside the blobstore root.

Affected versions: BOSH Director: All versions prior to v282.1.12

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Path traversal in BOSH Director's local blobstore allows an attacker with VM code execution to read and delete arbitrary files on the director.

Vulnerability

In BOSH Director versions prior to v282.1.12, the AgentClient methods inject_compile_log and format_exception pass agent-supplied blob IDs directly to download_and_delete_blob. This method uses ResourceManager and Blobstore::LocalClient without path normalization. When the local blobstore provider is configured, Blobstore::LocalClient#object_file_path joins the blobstore root with the user-supplied oid using File.join, allowing path traversal sequences like ../../jobs/director/config/director.yml to escape the blobstore directory [1].
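To make the root cause concrete, the following added example (written for this page, not BOSH's own code) contrasts the unnormalised join described above with a hardened lookup. The class `HardenedLocalBlobstore`, the method names, the blobstore root path and the sample ids are all assumptions for illustration; the only detail taken from the advisory is the `File.join(@blobstore_path, oid)` pattern and the traversal id it mentions. The hardened version treats a blob id as a single path component and, as a second line of defence, verifies that the expanded path still lies under the blobstore root.

```ruby
# Hypothetical stand-in for a local blobstore client (not BOSH's code).
class HardenedLocalBlobstore
  class InvalidBlobId < StandardError; end

  def initialize(blobstore_path)
    # Normalise the root once so the containment check below compares
    # canonical absolute paths.
    @blobstore_path = File.expand_path(blobstore_path)
  end

  # Pattern described in the advisory: plain join, no normalisation.
  # An id of "../../x" is simply appended and later resolved by the OS.
  def unsafe_object_file_path(oid)
    File.join(@blobstore_path, oid)
  end

  # Hardened lookup: reject anything that is not a single path component,
  # then confirm the resolved path is still inside the blobstore root.
  def object_file_path(oid)
    raise InvalidBlobId, 'empty id' if oid.nil? || oid.empty?
    # Blob ids are opaque tokens: allow only a conservative character set
    # (no separators) and refuse the special entries "." and "..".
    unless oid.match?(/\A[A-Za-z0-9._-]+\z/) && oid != '.' && oid != '..'
      raise InvalidBlobId, 'invalid blob id'
    end
    path = File.expand_path(oid, @blobstore_path)
    root = @blobstore_path + File::SEPARATOR
    raise InvalidBlobId, 'escapes blobstore root' unless path.start_with?(root)
    path
  end

  # Convenience predicate for callers (and for the checks below).
  def safe_id?(oid)
    object_file_path(oid)
    true
  rescue InvalidBlobId
    false
  end
end

if __FILE__ == $PROGRAM_NAME
  bs = HardenedLocalBlobstore.new('/tmp/blobstore_root_example')
  # Constructed sample id taken from the advisory text.
  traversal = '../../jobs/director/config/director.yml'
  puts "unsafe join  : #{bs.unsafe_object_file_path(traversal)}"
  puts "hardened     : #{bs.safe_id?(traversal) ? 'accepted' : 'rejected'}"
  puts "normal id    : #{bs.object_file_path('0d1f3a2c-example-blob')}"
end
```

The character allow-list is the primary control; the `start_with?` check on the expanded path is deliberately kept as well, so that a future relaxation of the allow-list (or an id that arrives through another code path) still cannot escape the root. Note that the advisory's `download_and_delete_blob` deletes the blob in an `ensure` block, so validation has to happen before the first filesystem access, not only before the read.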

Exploitation

An attacker who has code execution on any BOSH-managed VM can replace or man-in-the-middle the agent reply for an in-flight compile_package task. The crafted JSON includes a malicious compile_log_id or blobstore_id containing path traversal. The director worker then calls download_and_delete_blob with that string, causing the local blobstore to read the targeted file and subsequently delete it [1].

Impact

Successful exploitation allows the attacker to read arbitrary files on the director VM (e.g., configuration files containing secrets) and delete arbitrary files, potentially bricking the director. The CVSS v3 score of 5.8 (Medium) reflects high integrity impact and low availability impact, with local access and high privileges required [1].

Mitigation

The vulnerability is fixed in BOSH Director v282.1.12. All users should upgrade to this version or later. No workarounds are documented. The issue is not listed on CISA's Known Exploited Vulnerabilities catalog [1].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References: 1

News mentions: 0

No linked articles in our index yet.